That is so completely bass-ackwards it’s not even comprehensible. If the router knows you’re trying to connect to a malicious site, it should block your access to that site. Taking action against your device in this scenario doesn’t serve any purpose at all. I’m going to assume that this router is incredibly misconfigured, and that’s not a default behavior.

Routers are stupid (and the engineering around them is often incompetent), here's a random incidental example of how they used to make life hard for Chrome 10 years ago: https://bugs.chromium.org/p/chromium/issues/detail?id=12066#...

I think the logic is that if you're browsing blackhat.com then you are a malicious user, going there to download hacking tools or attacking the network.

Sounds like you should put the manufacturer on a blacklist.