The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 176.9.111.171 on port 15647 TCP:
$ telnet 176.9.111.171 15647
Trying 176.9.111.171…
Connected to 176.9.111.171.
Escape character is ‘^]’
$ nslookup 176.9.111.171
static.171.111.9.176.clients.your-server.de
Referencing malware samples (MD5 hash):
05c4c33145ea7913fa05fd3d10b5ba9d — AV detection: 29 / 63 (46.03%)
44ed48450dc0d94b7fd11bbe314df256 — AV detection: 26 / 67 (38.81%)