BBVA domain categorized as thread and blocked
Subdomain movil.bbva.es which belongs to BBVA ( the second biggest bank in Spain ) and that is used for their mobile app are categorized as threats because the AI engine classify them as so and also because they appear in the "Threat Intelligence Feeds" source.
The detection is completely right and honestly impressive to see since its a Phishing Domain getting detected through CNAME.
if you check movil.bbva.es through Virustotal you get a single detection by ESET but that could be considered a false positive, looking at the CNAME that site leads to though (you can see this hovering over the info button on the logs.) it has 9 detections.
So the AI/Threat Intelligence blocking that domain is completely justified. Kaspersky/Eset/Phishing Database all tag this as a Phishing URL.