PBA marked an order as fraud or rejected payment on order placement in the Online Store based on fraud rule condition 'Customer's IP address is in the Black List of IP Adresses', however the IP address a customer placed order from is actually not in the IP range specified in the fraud rule condition in PBA.
For example, the following IP range is specified in the 'Black List of IP addresses' anti-fraud plugin in PBA:
18.104.22.168 - 22.214.171.124
An order placed from IP address 10.30.16.40 is detected as fraud despite of the fact that this IP address does not belong to the range above.
PBA errneously counts IP address as belonging to the black list of IP addresses. The problem is going to be fixed in one of the future updates to the product in scope of request #PBA-49955.
The only way to prevent the issue until PBA behavior is corrected is deleting the problem IP range from the black list of IP address in PBA Provider Control Panel at Configuration Director > Fraud Screening Settings > Fraud Screening Plugins > Fraud Screening Plugin Black List of IP addresses.