The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Loki botnet controller located at 172.67.156.28 on port 80 (using HTTP POST):
hXXp://opticallogz.xyz/oluwa/five/fre.php
$ dig +short opticallogz.xyz
172.67.156.28
Referencing malware binaries (MD5 hash):
077755c67dcc6a0dbeb780ccedf28d18 — AV detection: 23 / 68 (33.82)
31a1de9276d21cd5d2ac689f1b210d8c — AV detection: 25 / 66 (37.88)
Other malicious domain names hosted on this IP address:
tallerarco.com 172.67.156.28
opticallogz.xyz 172.67.156.28