The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 51.89.12.180 on port 47008 TCP:
$ telnet 51.89.12.180 47008
Trying 51.89.12.180…
Connected to 51.89.12.180.
Escape character is ‘^]’
$ nslookup 51.89.12.180
ip180.ip-51-89-12.eu
Referencing malware samples (MD5 hash):
2abeef2aa8ca3fc0b217386ec2fc9275 — AV detection: 27 / 68 (39.71%)
37fc34add834102f66966ed5779dfb84 — AV detection: 31 / 67 (46.27%)
5fa4d273d769f0b64ad63519bc826b95 — AV detection: 19 / 68 (27.94%)
7875aab3e23f885df12ff62d9ef5db50 — AV detection: 37 / 68 (54.41%)