Closed
Description
The URL https://ipinfo.io/json is used in malicious packages to exfiltrate the IP of the machine, see: https://socket.dev/npm/package/all-star-2019/files/14.8.3/index.js#L22
I think it's relatively safe to flag this URL as suspicious (we should use the newly added flags on SourceFile). Not sure if we want a shady-link warning here too.
js-x-ray/src/probes/isLiteral.js
Lines 52 to 62 in e466275
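
One way to express the check proposed above, as an added example that is not js-x-ray's own code: it pulls string literals out of JavaScript source and flags those whose host is ipinfo.io. It goes slightly beyond the issue by also catching the bare-host form passed in a request options object; the function names and the sample source are constructed for illustration.

```javascript
// Added example; helper names are hypothetical, not js-x-ray's API.
const FLAGGED_HOSTS = ["ipinfo.io"]; // only the host named in the issue
// Collects '…', "…" and `…` literal contents, skipping comments; regex literals and ${} are not handled (assumption).
function extractStringLiterals(source) {
  const literals = [];
  let i = 0;
  while (i < source.length) {
    const ch = source[i];
    if (ch === "/" && source[i + 1] === "/") {
      const end = source.indexOf("\n", i);
      i = end === -1 ? source.length : end + 1;
    } else if (ch === "/" && source[i + 1] === "*") {
      const end = source.indexOf("*/", i + 2);
      i = end === -1 ? source.length : end + 2;
    } else if (ch === "'" || ch === '"' || ch === "`") {
      let value = "", j = i + 1;
      while (j < source.length && source[j] !== ch) {
        if (source[j] === "\\") j++; // keep the escaped character, drop the backslash
        value += source[j] ?? "";
        j++;
      }
      literals.push(value);
      i = j + 1;
    } else i++;
  }
  return literals;
}

// Host of a literal, whether it is a full URL or a bare host such as 'ipinfo.io'.
function hostOf(literal) {
  for (const candidate of [literal, `http://${literal}`]) {
    try {
      const host = new URL(candidate).hostname.toLowerCase();
      if (host) return host;
    } catch { /* not URL-shaped */ }
  }
  return null;
}

const isFlagged = (host) => FLAGGED_HOSTS.some((h) => host === h || host.endsWith(`.${h}`));
const findIpLookupLiterals = (source) =>
  extractStringLiterals(source).filter((lit) => isFlagged(hostOf(lit) ?? ""));
// Constructed sample input, not taken from any real package.
const SAMPLE = `
// a comment mentioning "https://ipinfo.io/json" is ignored
https.get("https://ipinfo.io/json", () => {});
https.get({ host: 'ipinfo.io', path: '/json' }, () => {});
const lookalike = "https://ipinfo.io.example.test/json";
`;
console.log(findIpLookupLiterals(SAMPLE));
```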