Why I'd like to block this external link from EastNet website...

See the link scanned here: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=t2.trackalyzer.com%2Ftrackalyze.js&ref_sel=GSP2&ua_sel=ff&fs=1
and here: http://urlquery.net/report.php?id=1492430459531
Consider: http://www.domxssscanner.com/scan?url=http%3A%2F%2Ft2.trackalyzer.com%2Ftrackalyze.js
and the relation to blockui.js!
Script is found to be benign but kicks up errors

cript
info: [javascript variable] URL=-t2.trackalyzer.com/trackalyze.asp?r=
info: [javascript variable] URL=-t2.trackalyzer.com/trackalyze.asp?i=
info: [img] 127.0.0.1/
info: [decodingLevel=0] found JavaScript
info: [var linkreefer] URL=-t2.trackalyzer.com/trackalyze.asp?r=undefined&p=script&i=1&llnocookies=undefined
info: [var newurl] URL=-t2.trackalyzer.com/trackalyze.asp?r=undefined&p=script&i=1&llnocookies=undefined
info: [img] t2.trackalyzer.com/trackalyze.asp?r=undefined&p=script&i=1&llnocookies=undefined
info: [decodingLevel=1] found JavaScript

On those persistent cookies and other backlinks:

-http://tracky.com/ 3rd-party 0 Persistent 0 Session 0 Score ?
-http://trackapartner.com/ 3rd-party 0 Persistent 4 Session 1 Score ?
-http://cb-tracker.com/ 3rd-party 0 Persistent 4 Session 1 Score ?
-http://t3.trackalyzer.com/trackalyze.js 3rd-party 0 Persistent 0 Session 0 Score ?
-http://t2.trackalyzer.com/trackalyze.js 3rd-party 0 Persistent 0 Session 0 Score ?
-http://trackrc.com/ 3rd-party 0 Persistent 1 Session 0 Score ?
-http://trackalytics.com/ 3rd-party 0 Persistent 2 Session 1 Score ?
-http://t.trafmag.com/tracking.js Status Connection error ( error)
-http://js.wwbads.com/track/track.min.js Status Connection error ( error)
-http://trackalerts.com/ 3rd-party 3 Persistent 10 Session 2 Score ?
-http://trackit.com/ 3rd-party 4 Persistent 15 Session 8 Score ?
-http://common.hkjc.com/wa/wa_tracker.js Status Connection error ( error)
-http://trackif.com/ 3rd-party 1 Persistent 6 Session 1 Score ?
-http://i-tm.com.tw/api/itm-tracker.js Status 200
-http://tradetracker.com/ 3rd-party 0 Persistent 4 Session 1 Score ?
-http://www.tolvnow.com/tracker/tn.js Status 200
-http://trackmaker.com/ 3rd-party 1 Persistent 4 Session 3 Score ?
-http://trackingjs.com/ 3rd-party 0 Persistent 4 Session 1 Score ?
-http://trackalytic.com/ 3rd-party 0 Persistent 0 Session 0 Score ?
-https://www.w3counter.com/tracker.js 3rd-party 0 Persistent 1 Session 0 Score ?
-http://tracker.cartprotector.com/cartprotector.js 3rd-party 0 Persistent 0 Session 0 Score ?
-http://tracker-rms.com/ 3rd-party 0 Persistent 1 Session 1 Score ?
-http://cdn.mercent.com/js/tracker.js 3rd-party 0 Persistent 0 Session 0 Score ?
-http://trackx.com/ 3rd-party 1 Persistent 7 Session 4 Score ?
-http://static-sb.com/js/sb-tracker.js 3rd-party 0 Persistent 0 Session 0 Score ?

All reason enough for me to wanna keep it blocked from running inside my browser.

More insecurity on the Internal Server error on Microsoft-IIS/8.5 →
https://asafaweb.com/Scan?Url=t2.trackalyzer.com%2Ftrackalyze.asp%3Fi%3D
Warning

Result
It looks like 2 cookies are being set without the “HttpOnly” flag being set (name : value):

loop :
FB_cookie : 218239498.XXXXX.0000
Unless the cookie legitimately needs to be read by JavaScript on the client, the “HttpOnly” flag should always be set to ensure it cannot be read by the client and used in an XSS attack.

polonus (volunteer website security analyst and website error-hunter)