The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
DCRat botnet controller located at 94.250.248.104 on port 80 (using HTTP GET):
hXXp://94.250.248.104/dataframeCpuCam/Cambin/poolcore/scriptCamsystem/antiPrefscreenlog/linehttpWp.php
$ nslookup 94.250.248.104
thedrugachannel1.fvds.ru
Referencing malware binaries (MD5 hash):
00b7402b5445ae00f6cfff05b8957a36 — AV detection: 25 / 68 (36.76)
441e0667d0736ff4831cedd5f79925d8 — AV detection: 46 / 68 (67.65)
9d1af0100597194c6a4ff921f5cee664 — AV detection: 32 / 68 (47.06)
be287ae828eb23ef397f404a5455cc7d — AV detection: 45 / 68 (66.18)
cd9c969514291c96420097c9931a7327 — AV detection: 37 / 69 (53.62)
d91e5cdffef9b01ac193c0bc6d073f8d — AV detection: 47 / 67 (70.15)