- Overview
- Multi light - Hand brush: Light protection
- Multi normal - Broom: All-round protection
- Multi pro - Big broom: Extended protection
- Multi pro++ - Sweeper: Maximum protection (more aggressive)
- Multi ultimate - Ultimate Sweeper: Aggressive protection
- Fake - Protects against internet scams, traps & fakes!
- Threat Intelligence Feeds - Increases security significantly!
- DoH/VPN/TOR/Proxy Bypass - Prevent methods to bypass your DNS!
- Safesearch not supported - Prevent the use of search engines that do not support safesearch!
- Dynamic DNS - Protects against the malicious use of dynamic DNS services!
- Badware Hoster - Protects against the malicious use of free host services!
- Most Abused TLDs - Protects against known malicious Top Level Domains!
- Personal - My manually maintained blacklist
- Native Tracker - Broadband tracker of devices, services and operating systems
- Credits
- Supporter - Leave a star (top right)!
- Recommendation
- Online DNS Services: RethinkDNS / DNSforge / DNSwarden / AdGuardDNS / ControlD / NextDNS
- About / Referral Domains / Support Me
- Sources/Statistics
- Raw data collection - Data collection to generate the DNS blocklists
An all in one DNS blocklist in various versions (light, normal, pro, pro++ and ultimate). It can be used as a stand alone blocklist. For every region. Blocks ads, affiliate, tracking, metrics, telemetry, fake, phishing, malware, scam, coins and other "crap". Based on various blocklists.
Version | Hosts | Pro++ | Pro | Normal | Light | Fake | TIF | Personal |
---|---|---|---|---|---|---|---|---|
Light | 272872 131966 |
= | X | P | X | |||
Normal | 959393 315068 |
= | X | X | P | X | ||
Pro | 1252994 458446 |
= | X | X | X | P | X | |
Pro++ | 1367158 475428 |
++ | X | X | X | P | X | |
Ultimate | 2076164 823377 |
++ | X | X | X | X | X | X |
X = contains the named lists in the column header
P = partially contains the named list in the column header
++ = more sources, more aggressive
Hand brush - Cleans the Internet and protects your privacy! Blocks Ads, Tracking, Metrics, some Malware and Fake.
Entries: 272872 domains/hosts - 131966 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Broom - Cleans the Internet and protects your privacy! Blocks Ads, Affiliate, Tracking, Metrics, Telemetry, Phishing, Malware, Scam, Fake, Coins and other "Crap".
Entries: 959393 domains/hosts - 315068 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Big broom - Cleans the Internet and protects your privacy! Blocks Ads, Affiliate, Tracking, Metrics, Telemetry, Phishing, Malware, Scam, Fake, Coins and other "Crap".
Entries: 1252994 domains/hosts - 458446 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Sweeper - Aggressive cleans the Internet and protects your privacy! Blocks Ads, Affiliate, Tracking, Metrics, Telemetry, Phishing, Malware, Scam, Fake, Coins and other "Crap".
More aggressive version of the Multi PRO blocklist. It may contain few false positive domains that limit functionality. Therefore it should only be used by experienced users. Furthermore, an admin should be available to unblock incorrectly blocked domains. Reported false positive domains will be removed from the list!
Entries: 1367158 domains/hosts - 475428 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Ultimate Sweeper - Strictly cleans the Internet and protects your privacy! Blocks Ads, Affiliate, Tracking (+Referral), Metrics, Telemetry, Phishing, Malware, Scam, Free Hoster, Fake, Coins and other "Crap".
Stricter version of the Multi PRO++ blocklist. It may contain false positive domains that limit functionality. Therefore it should only be used by experienced users. Furthermore, an admin should be available to unblock incorrectly blocked domains. Reported false positive domains will be removed from the list!
Entries: 2076164 domains/hosts - 823377 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Expires: 24 hours (update frequency)
An blocklist for blocking fake stores, -news, -science, -streaming, rip-offs, cost traps and co.
Entries: 10293 domains/hosts - 5382 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Expires: Updated regularly
An blocklist for blocking malware, crypto, coin, scam, spam and phishing. Blocks domains known to spread malware, launch phishing attacks and host command-and-control servers.
Entries: 1038623 domains/hosts - 590675 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Expires: 24 hours (update frequency)
Prevent method to bypass your DNS. To ensure the bootstrap is your DNS server you must redirect or block standard DNS outbound (TCP/UDP 53) and block all DNS over TLS (TCP 853) outbound.
The block list exists in two versions:
Entries: 1432 domains/hosts - 1316 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Expires: Updated regularly
Entries: 363 domains/hosts - 277 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Expires: Updated regularly
An blocklist for blocking search engines that do not support safesearch.
Entries: 152 domains/hosts - 149 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Expires: Updated regularly
An blocklist for blocking dynamic DNS services to protect against malicious use in phishing campaigns and others.
Entries: 793 domains/hosts - 791 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Expires: Updated regularly
An blocklist for blocking known free hosters that also host badware via user content to prevent the use of these hosters for malicious purposes.
Entries: 51 domains/hosts - 50 compressed domains | Sources/Statistics
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Expires: Updated regularly
An blocklist for blocking Top Most Abused Top Level Domains, merged from @Yokoffing, @DandelionSprout and SpamHaus.
Format | Link | Can be used for |
---|---|---|
AdGuard | RAW | AdGuard, AdGuard Home |
uBlock | RAW | uBlock |
Expires: Updated regularly
My personal blocklist, an extension for known blocklists. Blocks ads, trackers, native device trackers, badware and more. Not intended to be used as a standalone blocklist, it serves as a addition for other blocklists!
Entries: 73729 domains/hosts - 30492 compressed domains
Format | Link | Can be used for |
---|---|---|
Domains | RAW | PiHole, Blocky, eBlocker, Diversion, OpenSnitch, PersonalDNSfilter, pfBlockerNG, PersonalBlocklist, TechnitiumDNS |
Hosts | RAW | Blocky, eBlocker, AdAway, uMatrix, DNS66, GasMask, HostFileEditor, OpenSnitch, NetGuard, TechnitiumDNS |
Adblock | RAW | AdGuard, AdGuard Home, eBlocker, uBlock, AdBlock, AdBlock Plus, Opera, Vivaldi, Brave |
Unbound | RAW | Unbound |
DNSMasq | RAW | DNSMasq |
Wildcard | RAW | DNSCrypt, DNSCloak, YogaDNS, ... |
RPZ | RAW | Response Policy Zone |
Expires: Updated regularly
Blocks native broadband tracker from devices, services and operating systems that track your activity.
Device/Service | Domains | Hosts | Adblock | Unbound | DNSMasq | Wildcard | RPZ |
---|---|---|---|---|---|---|---|
Apple (iOS, macOS, tvOS) | RAW | RAW | RAW | RAW | RAW | RAW | RAW |
Huawei (Devices) | RAW | RAW | RAW | RAW | RAW | RAW | RAW |
Microsoft (Windows, Office, MSN) | RAW | RAW | RAW | RAW | RAW | RAW | RAW |
TikTok (Fingerprinting) | RAW | RAW | RAW | RAW | RAW | RAW | RAW |
Expires: Updated regularly
A huge thank you to the following list maintainers of the sources that were partially used, alphabetical order:
abpindo, abpvn, abuse.ch, adaway, adguardteam, adroitadorkhan, amnestytech, anti-ad, anudeepnd, assoechap, azorult-tracker.net, badmojr, barbblock, bigdargon, bkrucarci, blahdns, bongochong, botvrij.eu, cats-team, cbuijs, cert-agid.gov.it, cipherops, cmiksche, craiu, d3ward, dandelionsprout, davidonzo, developerdan, digitalside.it, dogino, drsdavidsoft, durablenapkin, easylist, easylist-lithuania, easylist-thailand, elliotwutingfeng, fademind, fanboy, firebog.net, frogeye.fr, gioxx, guardicore, hblock, hexxiumcreations, hole.cert.pl, hoshsadiq, hpthreatresearch, hufilter, iam-py-test, ihgalis, infinitytec, jawz101, jdlingyu, jkrejcha, joewein.net, kargig, kees1958, kevinthomas0, kriskintel.com, laicure, laniksj, lassekongo83, latvian-list, list-kr, logroid, malware-filter, marco-acorte, matomo-org, metamask, migueldemoura, mitchellkrogza, molinero.dev, mvps.org, netlab.360, nextdns, nitrohorse, notonmyshift, notracking, oisd.nl, olbat, oneoffdallas, ookangzheng, paulgb, perflyst, phishing.army, piperun, piquark6046, polishfiltersteam, prodaft, quidsup, rescure.me, scafroglia93, shadowwhisperer, shallalist, shreyasminocha, sjhgvr, smed79, someonewhocares.org, stamparm, stanev.org, stevenblack, stopforumspam.com, symbuzzer, systemjargon, t145, th3m3, tiuxo, tomasko126, ublockorigin, ultimate-hosts, uniartisan, ut1, velesila, wally3k, yokoffing, yourduskquibbles, yous, yoyo.org, zerodot1, zoso.ro
As a network-wide DNS blocker, I recommend using Adguard Home, PiHole, TechnitiumDNS, Blocky (advanced users) or eBlocker.
DNS blocker offer a good protection of privacy by blocking tracking, metrics and telemetry. They can be used to block the vast majority of ads, malware, scam, fake and co, but not everything can be blocked at the DNS level!
Therefore, I additionally recommend the use of a browser content blocker such as AdGuard or uBlock with the appropriate block lists (EasyList, AdGuard, uBlock, ...).
Check out @yokoffing's Recommended Filters for uBlock Origin for content blocker filter lists.
If you don't run your own DNS server on your home network or if you are looking for additional protection for your mobile devices when they are not connected to the home network, then I recommend one of the following DNS services:
In RethinkDNS you can use my blocklists:
Blocklists | DNS-over-HTTPS | DNS-over-TLS | Apple Mobileconfig |
---|---|---|---|
Normal (PRO + TIF) | https://sky.rethinkdns.com/1:AAoACBAA |
1-aafaacaqaa.max.rethinkdns.com |
Visit and click on the red apple |
Aggressive (PRO plus + TIF) | https://sky.rethinkdns.com/1:AAoACAgA |
1-aafaacaiaa.max.rethinkdns.com |
Visit and click on the red apple |
Strikt (ULTIMATE) | https://sky.rethinkdns.com/1:gAAAQA== |
1-qaaaaqa.max.rethinkdns.com |
Visit and click on the red apple |
DNSforge uses my light blocklist:
Blocklists | DNS-over-HTTPS | DNS-over-TLS | DNS-over-QUIC |
---|---|---|---|
Normal (LIGHT + more) | https://dnsforge.de/dns-query |
dnsforge.de |
quic://dnsforge.de:853 |
In DNSwarden you can use my light, multi, pro, pro++ and tif list.
My blocklist recommendations for AdGuardDNS are:
Profile | Blocklists |
---|---|
Pro | 1Hosts (Lite) + AdGuard DNS + HaGeZi Personal Black & White + OISD full + NoTracking + StevenBlack |
Black & White includes: Personal + Wildcard Rules + Fake + Whitelist + Whitelist Referral
You can also import my server settings, it contains - under the user rules - also my RegEx rules. Follow these download instructions to save the file in the correct format!
In ControlD you can use my blocklists:
Blocklists | DNS-over-HTTPS | DNS-over-TLS/QUIC |
---|---|---|
Normal | https://freedns.controld.com/x-hagezi-normal |
x-hagezi-normal.freedns.controld.com |
Pro | https://freedns.controld.com/x-hagezi-pro |
x-hagezi-pro.freedns.controld.com |
Pro Plus | https://freedns.controld.com/x-hagezi-proplus |
x-hagezi-proplus.freedns.controld.com |
In NextDNS you can use my light, multi, pro, pro++ and ultimate list.
Check out @yokoffing NextDNS Config Guide for recommended NextDNS configuration settings.
"If the plan doesn‘t work, change the plan but never the goal."
There's no place like 127.0.0.1!
The blocklists are based on various sources and my own blacklists. They were designed to avoid false positive domains as much as possible without losing effectiveness and efficiency. Dead hosts are regularly removed from the lists to keep them as small as possible. Made with 💓 for a safer and cleaner internet.
All lists were tested against 6000 websites from the Cisco Umbrella Top 1 million list. It was checked whether the pages load, the page content is displayed correctly, navigation links work, images load, videos start and much more.
They are updated and maintained daily.
No, it's not just blocklists cobbled together from multiple sources. They have been optimized and extended to efficiently "clean the Internet" in all areas.
Test them and give feedback!
Please report false positive domains.
Affiliate and tracking links (referral domains) that appear frequently on offer web pages, in emails or in search results are allowed in my lists. These are mostly called only after manual clicking on a link and are not used to display advertising. If these are blocked, the first hit links from search results, for example, no longer work.
Referral domains have been removed from all lists except from the ultimate list, only some of them were removed but not all!
There are users who want to block referral domains anyway, so for each list I show the domains that were whitelisted because of referral. You can see them in the list of used sources behind the link "whitelisted referral domains" per list. This list can then be used as a blocklist to "undo" the whitelisting of referral domains.
Allowing referral domains in my lists is equivalent to the NextDNS feature "Privacy > Allow Affiliate & Tracking Links".
I do not want any money donations. If you don't know what to do with your money, invest it in aid or similar projects, do something good with it. There is enough misery in the world.
Accepting money donations would also be absolutely unfair to the maintainers of the sources used, that's not my way. Without the existing lists. these lists would be simply nothing.
If you like the project and you can benefit from it, leave a ⭐ (top right) and become a stargazer!
Give feedback, show me your ideas, report false positve domains and help to keep the internet safe and clean.
Help and cooperation of any kind is welcome!
Thanks for your support!