The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 20.106.94.110 on port 2404 TCP:
$ telnet 20.106.94.110 2404
Trying 20.106.94.110…
Connected to 20.106.94.110.
Escape character is ‘^]’
$ dig +short dynasty1.ddns.net
20.106.94.110
Referencing malware samples (MD5 hash):
426e7130f98459c205493dfc1054664c — AV detection: 25 / 67 (37.31%)
4e5cbcc02a01e599dbb98995420c6174 — AV detection: 54 / 69 (78.26%)