The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
TeamBot botnet controller located at 104.21.57.122 on port 80 (using HTTP GET):
hXXp://telegin.top/capibar
$ dig +short telegin.top
104.21.57.122
Referencing malware binaries (MD5 hash):
12e085599119bedc6c218ad1c339bc60 — AV detection: 22 / 68 (32.35)
18b193c34923f4f2aa44fb8675f64993 — AV detection: 25 / 68 (36.76)
2a309d5c4e50b158df90f52c3a1072b8 — AV detection: 19 / 65 (29.23)
386b63b340e56cb0248a112812c56c69 — AV detection: 14 / 56 (25.00)
3a818af43bcc370b678e13e0cc4dde4a — AV detection: 31 / 69 (44.93)
3f5a0eee2fae6c354c66813fce68ee9d — AV detection: 20 / 68 (29.41)
70960815294244672738b9f1328812a4 — AV detection: 19 / 67 (28.36)
7aa969fdffd0eb3a6d909fb1ef6a5a4c — AV detection: 36 / 68 (52.94)
8a316618b01e80a4d5a89cb778d226c4 — AV detection: 22 / 68 (32.35)
94b576115c7f0fe5c3aed538b6258694 — AV detection: 25 / 68 (36.76)
a1b1e746371b985b179ff3395b55e2e9 — AV detection: 58 / 67 (86.57)
a2e585c2f76686330903d7d863cdb9b3 — AV detection: 47 / 69 (68.12)
b022fa2b1beb55aee7bb0f1fb351ae1f — AV detection: 16 / 68 (23.53)
b78c7ff959d4d96628b64d60ff2dc8cd — AV detection: 25 / 68 (36.76)
cc752dadd236648c4ac68c50e74118c2 — AV detection: 24 / 68 (35.29)
cc87e127472d799e5ff2d654092f9e8b — AV detection: 18 / 66 (27.27)
d39f20ca4a62ec0c8bd6df43d6f456c9 — AV detection: 25 / 68 (36.76)
e8c8c339b3235d37cbc4fca42d8a1101 — AV detection: 23 / 67 (34.33)
eeb7c88190d62ce2a49605a42a88d17f — AV detection: 24 / 68 (35.29)
Other malicious domain names hosted on this IP address:
ibislk.com 104.21.57.122
telegin.top 104.21.57.122