The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
RustyStealer botnet controller located at 95.217.123.28 on port 80 (using HTTP POST):
hXXp://mythic.fckinpwned.cn/data
$ dig +short mythic.fckinpwned.cn
95.217.123.28
$ nslookup 95.217.123.28
static.28.123.217.95.clients.your-server.de
Referencing malware binaries (MD5 hash):
f1c8a0ca2faca15f084dae33589a1195 — AV detection: 5 / 69 (7.25)