lines can hold domains with following rules:
* only domain names (www.google.com, ...) are allowed (no urls: www.google.com/accounts, no protocol at the beginning: http://,...)
* only exact domain names work (*oogle.com does not block google.com)
* a . (dot) at the beginning whitelists all subdomains (.google.com blocks www.google.com, mail.google.com, .....)

examples:

urs.microsoft.com (only this subdomain is allowed)
.sun.com (all subdomains of sun.com are allowed)