HaGeZi DNS Blocklists

Websitehttps://github.com/hagezi/dns-blocklists
CategoryDNS & Domain Blocklists

HaGeZi DNS Blocklists are a set of curated, multi-level DNS blocklists designed for ad blocking, tracker prevention, and malware protection. Maintained actively on GitHub, they offer graduated protection levels from light filtering to aggressive blocking, making them one of the most popular choices for DNS-based content filtering.

Source:HaGeZi DNS Blocklists

What are HaGeZi DNS Blocklists?

HaGeZi provides several tiers of DNS blocklists, each offering progressively stricter filtering:

  • Light blocks the most common advertising and tracking domains with minimal risk of false positives. Suitable as a baseline for users who want unobtrusive protection.
  • Normal expands coverage to include a broader range of ad networks, analytics services, and known tracking domains.
  • Pro adds aggressive blocking of less common trackers, telemetry endpoints, and potentially unwanted domains.
  • Pro Plus extends Pro with additional sources and stricter classification.
  • Ultimate applies maximum blocking, including borderline domains that other lists leave unblocked.

Beyond the tiered lists, HaGeZi also provides specialized lists targeting specific threat categories such as threat intelligence, native device telemetry (for platforms like Windows, iOS, and Android), gambling, dating, NSFW content, and cryptocurrency mining domains.

The lists are compiled from dozens of upstream sources, deduplicated, validated against false positive reports, and published in multiple formats compatible with Pi-hole, AdGuard, uBlock Origin, and other DNS filtering tools. The project is one of the most actively maintained blocklist collections on GitHub, with frequent updates reflecting the constantly shifting landscape of advertising and tracking infrastructure.

How We Use This Data

We integrate HaGeZi blocklist data into our domain lookup pages. When you query a domain on robtex.com or rbls.org, we check whether it appears on any of the HaGeZi lists and display which level(s) flag it. This tells you at a glance whether a domain is associated with advertising, tracking, or malware according to one of the most widely used community blocklists.

This is valuable for domain reputation assessment: a domain appearing on the Light list is broadly recognized as an ad/tracking domain, while one appearing only on Ultimate may be a borderline case. Security researchers and network administrators can use this information to evaluate domains encountered in logs, email headers, or network traffic.

FAQ

What does it mean if a domain is on the HaGeZi "Light" list versus "Ultimate"?
The Light list contains only the most widely agreed-upon advertising and tracking domains with very high confidence. If a domain appears on Light, it is almost certainly an ad or tracker. The Ultimate list includes everything from Light through Pro Plus, plus additional borderline domains. Appearance only on Ultimate suggests the domain is flagged under more aggressive criteria and may have legitimate uses alongside its flagged behavior.
How are HaGeZi blocklists different from other DNS blocklists?
HaGeZi aggregates and curates from many upstream sources rather than maintaining a single monolithic list. Each tier is carefully balanced for false positive rates, which means you can choose a protection level that matches your tolerance for potential breakage. The project is also unusually active in responding to false positive reports and adjusting classifications, which keeps the lists reliable for production use.
Can I use HaGeZi lists to block domains on my own network?
Yes. HaGeZi publishes lists in formats compatible with Pi-hole, AdGuard Home, AdGuard DNS, uBlock Origin, and other popular DNS filtering tools. You can subscribe to the appropriate list URL in your tool's settings. The HaGeZi GitHub repository provides direct links for each format and tier. For most home users, the Normal or Pro tier offers a good balance of protection and compatibility.