if this is a general IP block you can report a FP as Steven Winderlich states and ask your domain to be excluded.
I see this code hick-up:
commonscripts dot com/js/audioplayer/js/jquery-1.6.1.min.js benign
[nothing detected] (script) commonscripts dot com/js/audioplayer/js/jquery-1.6.1.min.js
status: (referer=wXw.pvcc.org/)saved 91342 bytes 6fca78dac2797c02d86a4bf6514eda398b7dbe62
info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP
info: [decodingLevel=0] found JavaScript
suspicious:
Quttera scan gives this potential suspicious code:
jquery-1.9.1.min.js
Severity: Potentially Suspicious
Reason: Detected procedure that is commonly used in suspicious activity.
Details: Too low entropy detected in string [[‘=%26=%26ontrue=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%261=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=%26=’]] of length 218 which may point to obfuscation or shellcode.
For the actual theat dump, see: http://jsunpack.jeek.org/?report=8b4b79bbabe2ed04d1a3493836090a147f7a71b4
The recommended scan at Sucuri’s is all green: http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fwww.pvcc.org%2F
Not a particular sp.net website but see some insecurity warnings here: https://asafaweb.com/Scan?Url=www.pvcc.org
also see: http://org.saferpage.de/pvcc
This could be at the culprit of the general IP alert (whever there are bad apples in that IP basket): http://sameid.net/ip/69.167.139.81/
There was some bad host activity in the past: http://www.projecthoneypot.org/ip_69.167.139.81
And certainly live malware launched from that same IP: http://support.clean-mx.de/clean-mx/viruses.php?review=69.167.139.81&sort=id%20DESC
Also see: https://www.virustotal.com/nl/ip-address/69.167.139.81/information/ (several sites with ET CURRENT_EVENTS Blackhole 16/32-hex/a-z.php Landing Page URI IDS alert and T CURRENT_EVENTS Blackhole 32-hex/a.php Landing Page/Java exploit URI IDS alert and
EXPLOIT-KIT Blackhole Exploit Kit landing page retrieval IDS alerts → (http://urlquery.net/report.php?id=5756468 &.0)
Reason for that IP to get a general block.
See also: http://urlquery.net/report.php?id=3109232 Is also flagged by PHISHWatch.
So Pondus estmation seems a real option, a general IP block,
polonus