Another one:
https://urlquery.net/report.php?id=1444751087598Flagged: -mc.yandex.ru/metrika/watch.js & -counter.marketgid.com/js/mui.js?cbuster=1159217 flagged by Fortinet's Webfilter and -counter.yadro.ru blacklisted on DNS-BH / malwaredomains.com.
More malware reported in reports on same IP and domain there.
tracking detected from GoogleAnalytics, LiveInternet, Yandex.API, Yandex.metrics. (analytics and widget)
Blocked in my browser is tracking from -counter.yadro.ru, -stats.g.doubleclick.net, -yandex.st, -yandex.ru,
-mc.yandex.ru,
Not blocked is tracking from licensebuttons.net. and i.creativecommons.org
A unique ID could have been insecurely sent to Yandex, i.e. Yandex-uid.
-counter.marketgid.com/js/mui.js?cbuster=1159217 is blocked by DRWeb's extension as
Page blocked by Dr.Web Link Checker
Dr.Web has blocked following the advertising link to ensure your privacy. If you still want to follow this link, click the «Open incognito»button, in this case the link will be opened in incognito mode in your browser. If you do not want to receive such warnings, you can change the lock level settings Dr.Web Link Checker, this happened while scanning the link with the xss dom scanner.
Link tries to go here: -http://counter.tovarro.com/setmuidn/images/mui.gif?muidn=f9dTScDXrA9j -> GIF89a,D;
GoDaddy abuse being taken down -> see:
https://malwr.com/analysis/ZTQ5NzM0NmUzYmY1NGE1MWJiZmYwZmIwYjkyOGI4MGE/ &
https://www.virustotal.com/nl/domain/counter.tovarro.com/information/polonus (volunteer website security analyst and website error-tracker)