I visited a site that is considered safe (themoscowtimes.com) by trafficlight and WOT. There was an article that I was interested in, so I clicked on it and MBAM immediately intervened and blocked an IP address countering that it was malicious. The IP address associated with themoscowtimes is different from the one that was blocked. I checked the IP address that was blocked 18.104.22.168 ( Russian Federation in Moscow forum spam). Is this a go-around to avoid the safe-site check, embed the malicious site inside the articles? If so, should not the parent IP address also be blocked as they must know about it?