There are 4 different color codes used in the URL Abuse application: which you can find here:
URL Abuse performs multiple tests in order to review the security:
As URL Abuse performs multiple tests as described above, URLs are submitted to different CIRCL services but also external services like VirusTotal or EU Phishing Initiative. CIRCL uses the URLs to improve classification of malicious URLs or passive DNS data. If the URLs are sent to CIRCL via the “Send report to CIRCL”, CIRCL will review the maliciousness level of the URL and notify owner or/and hosting companies of the URLs to review the security and proceed to a clean-up if required. What kind of information is kept when the URL is reported?
When you click on “Send report to CIRCL”, the following information is kept from the submission:
The submitter should also review the URL to ensure that no personally identifiable information is included.
IP addresses from anonymity networks (e.g. Tor) are allowed to use the service.
The architecture of the URL Abuse software is modular. So you can contribute easily additional modules or expand the interface to your own needs.