Update CDN Hosts & Whitelist `surge.sh`

Build/constants/phishing-score-source.ts

@@ -40,7 +40,8 @@ export const WHITELIST_MAIN_DOMAINS = new Set([
   'wordpress.com',
   'cloud.microsoft', // actually owned by Microsoft
   'windows.net', // Microsoft refuses to add web.core.windows.net to the Public Suffix List
-  'myqcloud.com' // curben phishing-filter contains many entries
+  'myqcloud.com', // curben phishing-filter contains many entries
+  'surge.sh' // caused by phishing-filter, also no public suffix
 ]);
 
 export const leathalKeywords = createKeywordFilter([

Source/domainset/cdn.conf

@@ -577,6 +577,7 @@ filestore.community.support.microsoft.com
 .msftauthimages.net
 .sfbassets.com
 .sway-cdn.com
+cmtycdn.powerpages.microsoft.com
 # Microsoft CSP Violation Report
 csp.microsoft.com
 # uses Azure Blob Storage