Possibly "DNS rebinding" prevention? (an attack on routers with 'default' configurations)
Merely viewing a page from a site (1st party) or concurrently served 3rd party site, which has a crafted malicious "script" (JavaScript or Flash); and your browser has Flash or JavaScript allowed, would give the NoScript notification.
Since plug-ins like Flash have their own "DNS name spaces", and it makes a request for a link you've clicked, then that second request is made, but instead of returning the IP address of the site, it returns an IP address that is your router. (like 1192.168.1.1 for example); and that means it has full permission within the same-origin policy to do anything it wants.
It's able to establish a web browser session, a web connection to your router, login without you knowing it, assuming that you didn't change your username and password (to the router Administration).
It can identify the brand, make, and model of your router from the greeting page, then look up in its own little dictionary the default username and password, and it's able to log on.
Router "rebinding attacks" allow your computer to serve as a proxy operating inside your network, and has access to any of the machines in your network.
Condensed from Security Now, #260; https://www.grc.com/sn/sn-260.htm
---------
A helpful NoScript reference page for some additional functions: http://noscript.net/features#contentblocking