The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
DCRat botnet controller located at 94.250.253.4 on port 80 (using HTTP GET):
hXXp://94.250.253.4/Wp/8testDownloads/0ProcessorTrafficmariadb/imageApiVoiddbpython/ProtonProcess/5/js/UniversalProcessVideoApi/7Base/Dlegeo58/2/ServerWindowsSql/2datalifeEternalsecure/processDefaultLinuxwindows.php
$ nslookup 94.250.253.4
melanieliza.fvds.ru
Referencing malware binaries (MD5 hash):
e7dac1680784996bdbd5f97595c351b4 — AV detection: 49 / 66 (74.24)