The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 20.63.35.138 on port 2156 TCP:
$ telnet 20.63.35.138 2156
Trying 20.63.35.138…
Connected to 20.63.35.138.
Escape character is ‘^]’
Referencing malware samples:
MD5 8f5e8de1f67cff6eaf2842d8a9d38fa5