Update domain analyzer

[kiddinn]

The gist of it is:

• Look at url and domain attributes.
• If url, extract domain and add a domain attribute.
• Run similarity scorer on the domains using #734 (hides then commonly visited domains)
• Do some sort of analysis on the domains... either the ones that are not commonly visited or all of them... ideas would include something like:
  • VT or some other domain service lookups (slow)
  • Some re magic to make rudimentary checks if this is a generated domain
  • If we can find some clever way that does not require external service lookup to determine "evilness" of a domain
• Other ideas could be to do some counting as well... some statistics:
  • This domain has been seen X times, or X visits... simple counter
  • Domain visited above average, or in the top X%
  • Some sort of "anomaly" within seen domains.

[berggren]

Domain visited above average, or in the top X%

^-- This should be simple to add.

[berggren]

Sorry, closed by mis-click :)

[kiddinn]

781 added known CDN domains to limit some of the noise

[MariasStory]

Do you want to do ML to find phishy domains? Server side: https://github.com/csirtgadgets/tf-domains-example Browser: https://github.com/tensorflow/tfjs-examples/tree/master/website-phishing

[berggren]

Changing title for this one as the analyzer has been in production for some time now, and the remaining tasks are addition and feature requests.

[berggren]

@kiddinn what is the status of this one?

[berggren]

Re-assigning to Janosch for triage.