What's new

Malicious sites blocking

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

MaplewoodGeek

New Around Here
I enabled the AI Protection on my AX92U and I frequently get reports like this:

Alert type : Malicious Sites Blocking
Source : (Router MAC address)
Destination : api.movcloud.net

I've Googled that site and I cannot find anything about it being a malicious site.

Does anyone know why the router is reporting blocking access to this site? Would it be outbound or inbound access that it has blocked? It only listed the MAC address of the router, not the address of any of my internal systems connected to the router.
 
It was incorrectly listed on some sites as hosting malware back in April. Check that your AiProtection signatures are up to date.

EDIT: Looks like Trend Micro has reclassified it as "Scam website: This website is hosting scams".
 
Last edited:
I updated my signature files anyway. I'm curious why it shows the router MAC address as the node it blocked instead of some IP on my network.
 
I updated my signature files anyway. I'm curious why it shows the router MAC address as the node it blocked instead of some IP on my network.
IP addresses can change for device on your network, by listing the MAC it confirms exactly which device the blocked URL request originated from. Helpful if all the IP addresses have changed when you go back and check the protection logs.
 
IP addresses can change for device on your network, by listing the MAC it confirms exactly which device the blocked URL request originated from. Helpful if all the IP addresses have changed when you go back and check the protection logs.
That would make sense if it listed the MAC of the node connected to the router. It lists the MAC of the router itself.
 
That would make sense if it listed the MAC of the node connected to the router. It lists the MAC of the router itself.
Right so missed that detail sorry.

Just assumed it was like mine where the MAC of the device is listed.

No idea then because I’ve never seen that happen and I been running with AiProtection for a couple of years.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top