Loki botnet controller @188.114.96.22

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 188.114.96.22 on port 80 (using HTTP POST):
hXXp://hfjv9g950bag53fcbcdnbcbnmhy35zch.tk/BN1/fre.php

$ dig +short hfjv9g950bag53fcbcdnbcbnmhy35zch.tk
188.114.96.22

Referencing malware binaries (MD5 hash):
548fceb4959384ed0351f1fcd4ef54e1 — AV detection: 32 / 60 (53.33)
959c03ca43062131a4a1701734906ae2 — AV detection: 22 / 67 (32.84)
b1eb7d97d87b9e894a83a23f033777aa — AV detection: 42 / 67 (62.69)
b3f73ba619c2127a3c68c658bdd8393a — AV detection: 36 / 61 (59.02)

Other malicious domain names hosted on this IP address:
