diff --git a/Source/domainset/cdn.conf b/Source/domainset/cdn.conf
index 956a0927..e064a31e 100644
--- a/Source/domainset/cdn.conf
+++ b/Source/domainset/cdn.conf
@@ -738,8 +738,8 @@ media.smooch.io
 .zdusercontent.com
 web-assets.zendesk.com
 web-assets.zendesk.co.jp
-# https://www.zendesk.com/blog/welcome-zopim/
-v2uploads.zopim.io
+assets.zendesk.com # https://assets.zendesk.com/hc/assets/default_avatar.png
+v2uploads.zopim.io # https://www.zendesk.com/blog/welcome-zopim/
 
 # >> squarespace
 assets.squarespace.com
@@ -1022,6 +1022,7 @@ events.ld.catamorphic.com
 creative.eizzih.com
 analytics.canarymail.io
 .dc-telemetry.net
+openreplay-new.deel.tools
 # these domains pop up few months ago, dont block since we dunnno what they are
 # but they can definitely go through secondary policy
 .ogads-pa.googleapis.com
@@ -5154,7 +5155,8 @@ upload.teftera.com
 .lazcdn.com
 icms-image.slatic.net
 lzd-img-global.slatic.net
-website-media.deel.com
+website-media.
+media.letsdeel.com
 cdn.tindiemedia.com
 cdn.hackaday.io
 hawky.pcgamer.com
@@ -5172,3 +5174,5 @@ static.ahu.moe
 assets.endorsely.com
 assets.openalternative.co
 prod-images.rippling.com
+cdn.macstories.net
+static.sdkassets.chime.aws