The host at this IP address is hosting a website that have been compromised by threat actors to distribute Emotet (aka Heodo) malware. The following URL is hosting a webshell that is being accessed by the threat actors programmatically to place malware on the website:
URL: http://shop.shriyantra.ru/wp-content/plugins/js_composer/config/JST10x.php
Host: shop.shriyantra.ru
IP address: 185.4.74.148
Hostname: sb9044a94.fastvps-server.com