diff --git a/src/unlocker/main.cpp b/src/unlocker/main.cpp
index e6726e3..ff104df 100644
--- a/src/unlocker/main.cpp
+++ b/src/unlocker/main.cpp
@@ -93,6 +93,7 @@ int main()
 Log::error("Proxy failed to start");
 return 1;
 }
+ g_Proxy->addWhitelistDomain("bhvrdbd.com");
 setProxy(true, std::format("127.0.0.1:{}", PROXY_PORT));
 /*
diff --git a/src/unlocker/proxy.cpp b/src/unlocker/proxy.cpp
index 75f0c12..99899e4 100644
--- a/src/unlocker/proxy.cpp
+++ b/src/unlocker/proxy.cpp
@@ -185,6 +185,11 @@ Proxy::~Proxy()
 shutdown();
 }
+void Proxy::addWhitelistDomain(const std::string& domain)
+{
+ _whitelistDomains.push_back(domain);
+}
+
 bool Proxy::init()
 {
 if (!_certManager.init()) return false;
@@ -319,6 +324,57 @@ void Proxy::handleClient(SOCKET clientSocket)
 freeaddrinfo(res);
 send(clientGuard, "HTTP/1.1 200 Connection Established\r\n\r\n", 39, 0);
+ /*
+ whitelist check
+ */
+ bool isWhitelisted = _whitelistDomains.empty();
+ for (const auto& d : _whitelistDomains)
+ {
+ if (host.find(d) != std::string::npos)
+ {
+ isWhitelisted = true;
+ break;
+ }
+ }
+
+ if (!isWhitelisted)
+ {
+ int tunnelIdleTimeouts = 0;
+ char buf[32768];
+ while (_running)
+ {
+ fd_set readfds;
+ FD_ZERO(&readfds);
+ FD_SET(clientGuard, &readfds);
+ FD_SET(remoteGuard, &readfds);
+ struct timeval tv = {1, 0};
+
+ int sel = select(0, &readfds, NULL, NULL, &tv);
+ if (sel < 0) break;
+ if (sel == 0)
+ {
+ tunnelIdleTimeouts++;
+ if (tunnelIdleTimeouts > 30) break;
+ continue;
+ }
+ tunnelIdleTimeouts = 0;
+
+ if (FD_ISSET(clientGuard, &readfds))
+ {
+ int n = recv(clientGuard, buf, sizeof(buf), 0);
+ if (n <= 0) break;
+ send(remoteGuard, buf, n, 0);
+ }
+ if (FD_ISSET(remoteGuard, &readfds))
+ {
+ int n = recv(remoteGuard, buf, sizeof(buf), 0);
+ if (n <= 0) break;
+ send(clientGuard, buf, n, 0);
+ }
+ }
+ return;
+ }
+
 /*
 SSL
 */
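Review bot: The `addWhitelistDomain` call sits after the start-failure check, so the proxy appears to be running already when the list is filled, and `Proxy::addWhitelistDomain` in proxy.cpp does an unsynchronised `push_back` on the vector that `handleClient` iterates. If client handlers run on their own threads, that is a data race. A connection handled before this line also sees an empty list, which the new check in `handleClient` treats as "every host matches". Moving `g_Proxy->addWhitelistDomain("bhvrdbd.com");` above the call that starts the proxy would avoid both. `main` begins and continues outside this hunk, so the start call itself is not visible here.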
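Review bot: The domain test `host.find(d) != std::string::npos` is a substring match, so any host that merely contains an entry (a constructed example: `bhvrdbd.com.example.net`) is sent on to the SSL section instead of the pass-through tunnel. Matching the exact name or a dot-delimited suffix keeps that path to the intended domain: `if (host == d || (host.size() > d.size() && host.ends_with("." + d)))`. This assumes `host` carries no port and is already lower-cased, which the hunk does not show. In the tunnel loop, `send(remoteGuard, buf, n, 0)` and `send(clientGuard, buf, n, 0)` both ignore their return value, so a short or failed send silently drops bytes from the relayed stream; write until all `n` bytes are sent and `break` on error. `handleClient` begins and continues outside this hunk.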
@@ -509,8 +565,7 @@ void Proxy::handleClient(SOCKET clientSocket)
 }
 else if (serverStream.isChunked)
 {
- if (serverStream.currentChunkIdx == 0)
- serverStream.currentChunkIdx = serverStream.headersEnd + 4;
+ if (serverStream.currentChunkIdx == 0) serverStream.currentChunkIdx = serverStream.headersEnd + 4;
 while (serverStream.currentChunkIdx < serverStream.buffer.size())
 {
diff --git a/src/unlocker/proxy.h b/src/unlocker/proxy.h
index f50331f..fe338c8 100644
--- a/src/unlocker/proxy.h
+++ b/src/unlocker/proxy.h
@@ -33,6 +33,8 @@ class Proxy
 CallbackEvent OnClientRequest;
 CallbackEvent OnServerResponse;
+ void addWhitelistDomain(const std::string& domain);
+
 private:
 void loop();
 void handleClient(SOCKET clientSocket);
@@ -51,4 +53,6 @@ class Proxy
 CertManager _certManager;
 SSL_CTX* _clientCtx = nullptr;
+
+ std::vector _whitelistDomains;
 };
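Review bot: The new public `addWhitelistDomain` declaration in the `-33,6 +33,8` hunk has no comment, and the name does not say what a listed domain is permitted to do. In proxy.cpp, listed hosts are the ones that continue to the SSL section of `handleClient`, every other host is relayed byte-for-byte, and an empty list makes every host match. A declaration comment should state that, e.g. `// Hosts added here continue to the SSL handling in handleClient; all others are tunnelled unmodified. An empty list matches every host.` It is also worth saying whether the call is only safe before the proxy starts, since the definition takes no lock. `class Proxy` begins and continues outside this hunk.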