The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Loki botnet controller located at 172.67.185.204 on port 80 (using HTTP POST):
hXXp://uklawfirm.bar/bobby/five/fre.php
$ dig +short uklawfirm.bar
172.67.185.204
Referencing malware binaries (MD5 hash):
030231d96234f06ae09ca18d621241e5 — AV detection: 11 / 71 (15.49)
721ef969bb4e9f6e8d70a6726b77755d — AV detection: 22 / 59 (37.29)
Other malicious domain names hosted on this IP address:
darnait.com 172.67.185.204
cloud1.alicouldcdn.com 172.67.185.204
uklawfirm.bar 172.67.185.204