That’s because the protocol is ICMP, and there are no ports in ICMP.
I don’t think so, but without knowing what this system is supposed to do, and further information on your usual network traffic, that’s hard to tell for sure.
126.96.36.199 hosts a nameserver operated by Yandex. Giving it a quick look, I was unable to spot anything malicious on this IP address.
Also, I really don’t think treating IP space located in Russia as malicious per se provides any security benefit. Dropping traffic from and to hostile networks (“hostile” because of their reputation, not the country they are located in) would be a more precise approach in my opinion.