last updated: Mon, 15 Jul 2024 12:50:47 GMT last validated: Fri, 12 Jul 2024 12:06:30 3545 ad server hostnames; 7804 IP addresses
main: [ about the list | how it works | four easy steps | latest news | submit hostnames | ways to use the list | lookup ]
tools: [ hosts file -> BIND converter | BIND zone file creator | miscellaneous scripts | software archive | links ]
more: [ main page | site news | list of formats | policy | RSS: updates, news | other bits and pieces | email ]
Latest news updates LIVE from the front Refreshing items of nostalgia from RECENT HISTORY!
This is old news that I've moved off the front page. Click → here ← to go to the front page.
Fri, 12 May 2023 13:27:04 +0100 || Breaking parameter change: skip
Fri, 12 May 2023 13:02:07 +0100 || Update to unbound config file format
Tue, 03 Aug 2021 13:21:34 +0100 || Options added to restrict trackers and non-trackers in the list
Tue, 07 Apr 2020 11:05:42 +0100 || Privacy Sandbox app for Android
Thu, 06 Feb 2020 13:39:02 +0000 || Blocklists project by Jonathan Dugan
Mon, 13 Jan 2020 14:18:31 +0000 || PowerShell blocking module
Sun, 12 Jan 2020 11:04:00 +0000 || Maza ad blocking
Mon, 16 Dec 2019 15:00:52 +0000 || HTTP requests are now redirected to HTTPS
Wed, 16 Oct 2019 08:43:20 +0100 || RPZ format added for BIND
Wed, 05 Dec 2018 18:15:36 +0000 || Patreon page for the blocklist
Thu, 30 Aug 2018 07:18:16 +0100 || Tempico Labs DNS server
Fri, 27 Jul 2018 08:43:19 +0100 || Little Snitch Rule Group Subscriptions format
Thu, 30 Nov 2017 10:00:53 +0000 || IP list - format added for Mikrotik routers
Wed, 03 Feb 2016 09:54:45 +0000 || HTTPS
Sun, 27 Dec 2015 21:55:46 +0000 || Little Snitch format added
Tue, 01 Dec 2015 10:01:13 +0000 || Ad blocking using DNS and Privoxy (with Squid for caching)
Mon, 16 Nov 2015 12:49:55 +0000 || Unbound DNS server format added
Mon, 05 May 2014 09:40:11 +0100 || Raspberry Pi distro for blocking ads
Tue, 11 Mar 2014 16:51:04 +0000 || PersonalHttpProxy
Fri, 05 Jul 2013 16:04:12 +0100 || New option: skip hostnames
Tue, 17 Jan 2012 10:31:29 +0000 || iptables format now uses REJECT
Thu, 21 Jul 2011 15:43:46 +0100 || New format: msfilter / IE9 protection list
Thu, 21 Jul 2011 13:28:49 +0100 || Information for Mac OS X users about the hosts file
Thu, 21 Jul 2011 13:20:54 +0100 || Opera AdBlock extension
Thu, 21 Jul 2011 13:14:31 +0100 || Bind config perl script from David Watson
Wed, 19 May 2010 09:20:07 +0100 || Glimmerblocker format added
Thu, 29 Apr 2010 13:33:24 +0100 || Interesting: article on how to block ads with a router
Thu, 29 Apr 2010 12:51:59 +0100 || New hostname format: ie8-private-xml for IE8 Private Browsing
Thu, 29 Apr 2010 11:50:33 +0100 || New IP format: PeerBlock
Wed, 05 Aug 2009 09:36:32 +0100 || Last-Modified date format fixed
Sat, 16 May 2009 15:21:56 +0100 || Policy Update
Mon, 11 May 2009 10:24:45 +0100 || "useip" fixed for dnsmasq format
Sun, 18 May 2008 09:00:39 +0100 || Donate button added
Sun, 13 Apr 2008 08:14:50 +0100 || Ad server hostname details
Fri, 28 Mar 2008 18:43:10 +0000 || alternate added
Sun, 16 Mar 2008 07:35:31 +0000 || Microsoft ISA Server 2006 XML format added
Fri, 02 Nov 2007 20:30:01 +0000 || Ad server submission disabled
Tue, 16 Oct 2007 23:52:01 +0100 || "Anyway, I was wondering if you'd be interested in running a text ad for the service on your site"
Tue, 16 Oct 2007 23:40:41 +0100 || RSS feeds 2.0
Sun, 16 Sep 2007 10:53:53 +0100 || Offline for a bit
Wed, 25 Jul 2007 07:00:30 +0100 || dnsmasq, Linksys, Tomato, local ad blocking, and you
Tue, 24 Jul 2007 12:55:16 +0100 || Interesting thread on dnsmasq
Fri, 20 Jul 2007 11:34:14 +0100 || dnsmasq format
Sat, 14 Jul 2007 13:27:07 +0100 || new format: pdnsd
Wed, 31 May 2006 15:43:26 +0100 || General update
Mon, 16 Jan 2006 18:17:03 +0000 || Help Wanted
Mon, 16 Jan 2006 11:37:12 +0000 || Site freak out
Sun, 19 Jun 2005 11:07:02 +0100 || Oops - crappy replies to submissions
Sun, 19 Jun 2005 10:17:34 +0100 || Make your own ad server list format
Sun, 19 Jun 2005 08:28:44 +0100 || Alternative URL for accessing the list of adservers
Sat, 28 May 2005 11:17:23 +0100 || AdBin, a free Windows hosts file editor
Sat, 28 May 2005 04:38:50 +0100 || Snort formats added
Sat, 30 Apr 2005 14:38:53 +0100 || Fix to the Adblock format
Thu, 20 Jan 2005 23:38:23 +0000 || MS ISA Server 2004 XML format added
Thu, 20 Jan 2005 22:48:15 +0000 || DOS script submitted for updating your hosts file with the latest version of the list
Thu, 20 Jan 2005 22:36:31 +0000 || Last-Updated HTTP header added for the list of ad servers
Thu, 20 Jan 2005 22:09:12 +0000 || News updates RSS 1.0 feed
Thu, 20 Jan 2005 21:32:46 +0000 || Squid update script updated
Thu, 20 Jan 2005 21:02:21 +0000 || Updating hosts files in Windows XP & 2000
Thu, 20 Jan 2005 20:56:26 +0000 || RSS 1.0 feed added
Thu, 20 Jan 2005 20:27:36 +0000 || Server info page added
Thu, 20 Jan 2005 18:41:54 +0000 || Inclusion policy added
Wed, 29 Sep 2004 20:13:48 +0100 || Plain text MIME type option fixed
Sun,  5 Sep 2004 15:26:45 +0100 || Ad server list weeded - validation scripts added
Tue, 31 Aug 2004 09:46:11 +0100 || No, really, it's fixed
Sat, 28 Aug 2004 21:13:53 +0100 || Bug fixed with server list
Fri, 20 Aug 2004 23:01:47 +0100 || Post-patch Win32 registry keys update (+date bug fixed)
Thu, 19 Aug 2004 15:53:11 +0100 || New Mozilla hostperm.1 format added
Mon, 16 Aug 2004 10:59:06 +0100 || Host names on Mac OS X 10.3.4 and 10.3.5
Thu,  5 Aug 2004 09:57:50 +0100 || Information about the hosts file for Classic Mac OS users
Thu,  5 Aug 2004 09:53:49 +0100 || Ad server hostname formats and options documented
Thu,  5 Aug 2004 05:21:05 +0100 || Firefox optimisation info
Sun, 23 May 2004 20:19:10 +0100 || Pixelserv: a tiny blackhole web server
Sun, 23 May 2004 19:27:12 +0100 || Information for Mac users about the hosts file
Sun, 23 May 2004 19:13:58 +0100 || BlockDNS.exe
Sun, 23 May 2004 19:00:21 +0100 || New format: pgl XML
Sun, 23 May 2004 17:50:27 +0100 || New format: all on one line
Sun, 23 May 2004 17:30:07 +0100 || Links list added
Sun, 20 Jul 2003 14:50:56 +0100 || New toy: hosts2zonefile - converts hosts files into BIND zone files
Sat Jul 19 22:01:05 CEST 2003 || Updated windows registry file for MS DNS; Public filtered DNS available
Sat Jul 19 21:20:53 CEST 2003 || Added option to view hostnames as an XML file for use with IE; finally cleared submissions queue
Sat Jul 12 02:24:36 CEST 2003 || Added option to view additions to the list after a specified date; noticed new site
Thu May 15 21:37:09 CEST 2003 || Squid config updated; alternate Squid config suggested; new Squid format added
Wed Apr 30 08:12:30 CEST 2003 || Plain text format added; Squid script & configuration details submitted
Wed Apr 30 02:55:17 CEST 2003 || Webwasher format added
Sun Mar 30 06:46:19 CEST 2003 || Online hosts file -> BIND zone file converter added
Sun Mar 30 05:41:56 CEST 2003 || BIND-PE script submitted - easily convert from hosts format to a nameserver
Sun Mar 30 01:36:42 CET 2003 || A purdy darn cool site
Sat Mar 15 22:30:08 CET 2003 || New formats added: netgear, webclean
Fri Mar 14 03:31:52 CET 2003 || Apology for the lack of updates
Sun Jan 26 22:14:05 CET 2003 || Communist?
news and stuff
# // Fri, 12 May 2023 13:27:04 +0100 Fri, 12 May 2023 13:27:04 +0100
Due to the way the caching is set up, I've had to change the format of the skip parameter. Previously, it used the PHP array assignment by allowing for "skip[][]". This has now been changed to comma separated:,

I don't think too many people use this format, so hopefully it won't be too painful. Sorry about this! I couldn't find another solution unfortunately.
# // Fri, 12 May 2023 13:02:07 +0100 Fri, 12 May 2023 13:02:07 +0100
The Unbound config file format has been updated to prepend a server: line. This was reported by a helpful user and should have been there all along. Thanks!
# // Tue, 03 Aug 2021 13:21:34 +0100 Tue, 03 Aug 2021 13:21:34 +0100
I've added a new query string parameter to my blocklist: onlytrackers. Set to 1 or some non-zero value and it'll only show entries from the list which are explicitly marked as trackers.

There's also an option to hide all trackers: notrackers.

Details on the formats page:


  • # // Tue, 07 Apr 2020 11:05:42 +0100 Tue, 07 Apr 2020 11:05:42 +0100
    Just wanted to share what looks like an excellent app for protecting your privacy: Privacy Sandbox for Android. It's a browser that blocks trackers and ads in the background, supports multiple lists, and can display stats on what's been blocked.

    Quite unknown at the time of writing - only 500+ installs - but it seems to be getting good reviews, and worth checking out! And, of course, it supports my list so there's a reason to install it if you need one, hah. Here's a direct URL:

  • # // Thu, 06 Feb 2020 13:39:02 +0000 Thu, 06 Feb 2020 13:39:02 +0000
    Jonathan Dugan sent over a note that he's maintaining a combined list on GitHub, which has its "current focus on corporations, for which there are no other maintained lists." You can see it here: Cheers Jonathan!
    # // Mon, 13 Jan 2020 14:18:31 +0000 Mon, 13 Jan 2020 14:18:31 +0000
    Matthew A. R. Sherian has emailed to share a PowerShell module he's written for managing blocking. Take a look on the PowerShell Gallery: Cheers Matthew!
    # // Sun, 12 Jan 2020 11:04:00 +0000 Sun, 12 Jan 2020 11:04:00 +0000
    Andros Fenollosa got in touch to share a NEAT tool he's made for blocking ads, usind dnsmasq. Check it out:
    # // Mon, 16 Dec 2019 15:00:52 +0000 Mon, 16 Dec 2019 15:00:52 +0000
    All requests to are now redirected over HTTPS. That's it!
    # // Wed, 16 Oct 2019 08:43:20 +0100 Wed, 16 Oct 2019 08:43:20 +0100
    I've added a new format: RPZ file format for use with BIND. Thanks to Charles Mercadal for suggesting this and providing examples and testing. You can use this here:
    # // Wed, 05 Dec 2018 18:15:36 +0000 Wed, 05 Dec 2018 18:15:36 +0000
    Hi. I've created a Patreon page for the blocklist:


  • This is for people who'd like to support the blocklist, and to sponsor me to get some of the things done from the fairly large todo list I have.
    # // Thu, 30 Aug 2018 07:18:16 +0100 Thu, 30 Aug 2018 07:18:16 +0100
    My colleague Vladimir Pissarev (who is part of the Security team in our company) mentioned to me that he runs a public DNS server that not only blocks ads and trackers, but also malware and viruses as well. Set your DNS to
    to use it!

    You can check out his security consultancy at Enjoy!
    # // Fri, 27 Jul 2018 08:43:19 +0100 Fri, 27 Jul 2018 08:43:19 +0100
    This is a little bit late, but there is a new format available for the latest version of Little Snitch which supports the new feature of "Rule Group Subscriptions". You can find it here:


    You might need to use the
    parameter to get it working from inside Little Snitch, though:



  • click here to load the Little Snitch UI and subscribe to this block list directly

  • # // Thu, 30 Nov 2017 10:00:53 +0000 Thu, 30 Nov 2017 10:00:53 +0000
    Ralf Neumann recently requested a new format to be added, and provided a sample for me to copy. So the IP list is now usable with Mikrotik routers:
    # // Wed, 03 Feb 2016 09:54:45 +0000 Wed, 03 Feb 2016 09:54:45 +0000
    Quick update: the site is now available over HTTPS.
    # // Sun, 27 Dec 2015 21:55:46 +0000 Sun, 27 Dec 2015 21:55:46 +0000
    Thanks to Bob for his help with adding the Little Snitch format.
    # // Tue, 01 Dec 2015 10:01:13 +0000 Tue, 01 Dec 2015 10:01:13 +0000
    Just thought I'd add a link to a nice post by Sam Hetherington-Hawthorne: Ad blocking using DNS and Privoxy (with Squid for caching)

    There's a couple of bits that aren't quite right - it's possible to use the useip parameter to specify which IP to use (or none at all), for example, but overall it's a great example of how to block ads.
    # // Mon, 16 Nov 2015 12:49:55 +0000 Mon, 16 Nov 2015 12:49:55 +0000
    I've finally added a format for use with the Unbound DNS server:

    Apologies that it took so long.
    # // Mon, 05 May 2014 09:40:11 +0100 Mon, 05 May 2014 09:40:11 +0100
    Justin Miller contacted me with some pretty cool news - he's made a Raspberry Pi distro which acts as a wifi access point that blocks ads. Pretty cool! Here's the details he sent:

    I’m releasing version super-mega-alpha- of noads, a raspberry
    pi distribution that’s designed to do nothing but provide an access
    point that provides an internet experience that is free of ads.

    Please keep in mind that this is a beta image, and uncompressed it is
    about a gig:

    If you don’t have a wifi card, this one is guaranteed to work (or at
    least works for me):

    It doesn’t matter which port you plug the wifi usb card in, it’ll go
    either way. Hook up everything but power, then power and you should in
    a few moments see an access point with the ssid “noads”. The password
    is “suchlackofads”. The ethernet cable can go into any of your LAN
    ports, assuming they’re not configured funk-ily. I’m using DHCP on the
    LAN side, so that needs to be there, which almost all wireless routers
    do by default. Feel free to update either in /etc/hostapd/hostapd.conf
    (in fact, I encourage it! though it’ll work either way).

    If you're up for testing this new beast, let me know if you experience
    any issues. It’s entirely possible that there will need to be more
    drivers supported/etc. for the wifi cards. You can log in as user root
    using the password “raspberry”. I strongly suggest changing this if
    there are clever people on your home network. The following is used
    for the adserver list:

    The image size is ~250 MB, and unpacks to 1000 MB.

    On a side note, I've been very lax about news updates that various people have been sending me. Sorry about that - I'll get to them one day!
    # // Tue, 11 Mar 2014 16:51:04 +0000 Tue, 11 Mar 2014 16:51:04 +0000
    Ingo Zenz has created an HTTP proxy that is "small and easy" and has a bunch of nice features, and uses this list to block ads and other unwanted hosts. It's called PersonalHttpProxy and is available here:

    Thanks Ingo!
    # // Fri, 05 Jul 2013 16:04:12 +0100 Fri, 05 Jul 2013 16:04:12 +0100
    I've added a new little feature to the ad list. You can now skip hostnames by using the parameter "skip". An example would be like this:[]

    or for multiple servers:[][]

    So, if you have problems with individual hostnames, update your subscription to skip whatever's causing you problems.
    # // Tue, 17 Jan 2012 10:31:29 +0000 Tue, 17 Jan 2012 10:31:29 +0000
    Just a quick update to note that the iptables format now uses REJECT instead of DROP. This is thanks to a tip from Tilman Vogel, who kindly sent me a note to say that:
    "the generated iptables script should use "-j REJECT" instead of "-j DROP" because the latter just drops the packet without notification, so the browser (or other client) will just wait for a reply until timeout. REJECT will immediately send back a "Connection refused" packet, so the browser can stop waiting."
    Thanks Tilman!
    # // Thu, 21 Jul 2011 15:43:46 +0100 Thu, 21 Jul 2011 15:43:46 +0100
    Drahnier Rasche emailed to ask whether I could add a new format for IE9's Tracking Protection list format, and helpfully pointed me in the direction of an example. Thanks to him, you can now view the list as a tracking protection list for use with IE9. Cheers Drahnier!

    Further details on this format can be found on the AdBlock Plus site.
    # // Thu, 21 Jul 2011 13:28:49 +0100 Thu, 21 Jul 2011 13:28:49 +0100
    Tina Kent has very kindly sent in some information about updating the hosts file on Mac OS X:
    I believe the Mac OS X instructions are not up to date. I cannot
    comment on editing etc/hosts in 10.0 - 10.3 because I have not done
    so, but I have edited my hosts file on 10.4, 10.5, and 10.6 without
    ever involving any of Apple's utilities.

    In 10.4 Tiger, the "BSD Configuration Files" check box does not exist
    in Directory Access. There is a "BSD Flat File and NIS" check box but
    you do not have to check the box to edit & have the system adhere to
    the updated hosts file.

    In 10.5 Leopard, Directory was changed to Directory You have to go to the Services tab within Directory
    Utility where once again you will find the "BSD Flat File and NIS"
    check box, and as in 10.4 it is not necessary to check the box to
    block the domains that you have added to etc/hosts.

    In 10.6 Snow Leopard, there is no Directory Access or Directory
    Utility in the /Applications/Utilities folder. The functionality may
    very well exist in some other app or in some other location, but again
    just editing etc/hosts seems to be all you need to do, followed by a
    reboot or enter the command

    /sudo dscacheutil -flushcache

    /in located at Applications/Utilities (this is the
    command for 10.5 and 10.6, it may be different in previous OS X

    And for those who are intimidated by command line text editors it can
    also be done in TextWrangler (preferred because it is plain text only,
    free, asks before unlocking the file and requires Admin authorization
    to save the changed file.
    Thanks very much for this detailed information, Tina.
    # // Thu, 21 Jul 2011 13:20:54 +0100 Thu, 21 Jul 2011 13:20:54 +0100
    Léomike Hébert mailed me to let me know about an extension for Opera (of which I am a closet evangelist): Opera AdBlock, described as "The true ad blocking solution for Opera". The extensions can use several different lists, including mine.

    Thanks, Léomike.
    # // Thu, 21 Jul 2011 13:14:31 +0100 Thu, 21 Jul 2011 13:14:31 +0100
    David Watson has kindly sent in a copy of a script he's written in perl for configuring Bind. In his own words:
    [The script] formats csv domain lists into master zone definitions for inclusion in a BIND config file. It merges multiple lists, processes an exclusion list, and removes any duplications that would cause BIND startup to fail. Intended to run periodically within a cron process.
    Here's the script itself:

    2012-01-24 Update: David has sent over a URL for an updated version of the script:

    Cheers, David!
    # // Wed, 19 May 2010 09:20:07 +0100 Wed, 19 May 2010 09:20:07 +0100
    Thanks to Jonas for first suggesting, then providing an example of and testing the new Glimmerblocker format:

    If you use Glimmerblocker, Jonas also pointed out a handy page with information about adding custom filters.

    Cheers Jonas!
    # // Thu, 29 Apr 2010 13:33:24 +0100 Thu, 29 Apr 2010 13:33:24 +0100
    Check it out: How to: Block ads with a router (by Paul Tow). Great followup to previous stuff I've posted about this. Cheers Paul!
    # // Thu, 29 Apr 2010 12:51:59 +0100 Thu, 29 Apr 2010 12:51:59 +0100
    New format added: ie8-private-xml. Thanks to Thomas Domville who suggested it and provided a sample file for me, and to Eric who also suggested it.
    # // Thu, 29 Apr 2010 11:50:33 +0100 Thu, 29 Apr 2010 11:50:33 +0100
    New format for IP addresses added - PeerBlock. Thanks Eric for suggesting it, and providing an example file!
    # // Wed, 05 Aug 2009 09:36:32 +0100 Wed, 05 Aug 2009 09:36:32 +0100
    Apologies for the broken date format in the Last-Modified header. This has now been updated to comply with RFC 2616, as it should've been all along.
    # // Sat, 16 May 2009 15:21:56 +0100 Sat, 16 May 2009 15:21:56 +0100
    Just a quick update to note that I've updated the page detailing my policy for inclusion to the list with some extra information about list integrity, and delisting.
    # // Mon, 11 May 2009 10:24:45 +0100 Mon, 11 May 2009 10:24:45 +0100
    Minor update: the "useip" parameter now works for the dnsmasq format. Thanks to Paul Chambers for pointing that out!
    # // Sun, 18 May 2008 09:00:39 +0100 Sun, 18 May 2008 09:00:39 +0100
    Yeah, yeah, I know. Crappy. But hey! You don't have to donate if you don't want to - I don't for most of the sites I use, only the ones I feel really deserve it. So, donate something if you fancy, don't if you don't. Cheers!
    # // Sun, 13 Apr 2008 08:14:50 +0100 Sun, 13 Apr 2008 08:14:50 +0100
    If you want to know (some) details about an entry in the list of ad server hostnames, you can look it up from this page:




    This page has existed for a while, I just haven't advertised it.
    # // Fri, 28 Mar 2008 18:43:10 +0000 Fri, 28 Mar 2008 18:43:10 +0000
    I've set up a new machine for myself at work, and started to use a different null zone file. In case it's of use to anyone else, here it is:


    Changes are: IPs points to, and all timings have been extended by a factor of 10.
    # // Sun, 16 Mar 2008 07:35:31 +0000 Sun, 16 Mar 2008 07:35:31 +0000
    Thanks to the persistence of Alex Grijzen, there is now a new format available for the updated Microsoft ISA Server 2006 XML. Many thanks to Alex, who first asked nicely, then followed up, and then provided me with example format files with descriptions, and prodded me yet again. He asked me to credit for providing the information, with two articles being of particular use:

    I don't apologise for being lazy about this site, but I do appreciate people's contributions; and I can understand people who get annoyed if I don't respond in a reasonable amount of time. Alex however has been polite and helpful every time he's contacted me, which I sincerely appreciate. Cheers Alex!
    # // Fri, 02 Nov 2007 20:30:01 +0000 Fri, 02 Nov 2007 20:30:01 +0000
    Ad server submission has been disabled until further notice; the queue had become useless due to the amount of spam: my fault for being too lazy to add a CAPTCHA. It was apparently affecting the server\'s mail queue as well, causing undue extra load on ClamAV. Apologies to the legitimate submitters; I\'ll try and sort out a better way of contributing in the future.
    # // Tue, 16 Oct 2007 23:52:01 +0100 Tue, 16 Oct 2007 23:52:01 +0100
    Christ on a BIKE.
    Date: Sun, 14 Oct 2007 17:47:04 -0700 (PDT)
    From: Steve Garvey <>
    Subject: Crazy question
    I've recently started a company selling an ad blocking DNS service. Similar to
    a hosts file, only the requests are routed back to your web server so things
    can be handled correctly - blocking breaks video playback on
    many sites, but our server can perform redirects or even proxy content to
    prevent that problem. And of course no updating is needed by the client.
    Anyway, I was wondering if you'd be interested in running a text ad for the
    service on your site? No, the irony is not lost on me. :)
    Steve Garvey
    Yeah! Sure! I'll host an ad for you ON MY SITE ABOUT HOW TO BLOCK ADS.
    # // Tue, 16 Oct 2007 23:40:41 +0100 Tue, 16 Oct 2007 23:40:41 +0100
    RSS feeds for adserver updates and site news are now RSS 2.0, and autodiscovery (<link rel=alternate>) URLs have been updated.

    That is all.
    # // Sun, 16 Sep 2007 10:53:53 +0100 Sun, 16 Sep 2007 10:53:53 +0100
    FYI, just because a couple of people asked:

    We moved. My BSD box moved with us. My BSD box died. RIP, You had a good long life, and now you're going to have a good long death.

    I have another box, but I don't have another monitor yet, and... well, I'm normally using this one... Halfway through setting it up, at which point I'll have my previous local ad blocking setup recreated, at which point I'll start noticing new ads and stuff to add.
    # // Wed, 25 Jul 2007 07:00:30 +0100 Wed, 25 Jul 2007 07:00:30 +0100
    Thanks again to Macskeeball Paul Tow for this very nice explanation of dnsmasq, Linksys, the Tomato firmware, and how they're using it to block ads locally.
    From Wikipedia:

    "Dnsmasq is a lightweight, easy to configure, DNS forwarder and DHCP
    server. It is designed to provide DNS and optionally, DHCP, to a small
    network... Dnsmasq is targeted at home networks using NAT and
    connected to the internet via a modem, cable-modem or ADSL connection
    but would be a good choice for any small network where low resource
    use and ease of configuration are important."

    As for the Linksys thing, allow me to explain. Linksys decided with
    their earlier versions of the WRT54G, earlier versions of the WRT54GS,
    and now the WRT54GL to have their firmware based on Linux. Because of
    GPL license, this meant that Linksys had to release the source for
    their firmware, and allow others to modify and distribute, etc. That
    allowed people to see how the router worked and then produce a number
    of alternative firmwares.

    The idea that, with an alternative firmware, you make a $60 router do
    what ever you wanted that the hardware was capable of doing (including
    adding features normally found only in $600+ Cisco routers) excited a
    lot of people, and very quickly a whole community and business
    platform built up around this little $60 router.

    Some firmwares, such as OpenWRT and DD-WRT, focus on adding a large
    number of features, even if they're features that many would consider
    rather esoteric. The Tomato firmware on the other hand, focuses on
    keeping things simple and fast, providing an excellent user interface
    (screenshots and videos can be found at the top of
    ), while still adding some
    additional select functionality over the stock firmware that many find

    In that thread, we're simply taking advantage of the fact that with an
    alternative firmware (Tomato in the case of the forum the thread is
    in), the router is able to run shell scripts (lists of command line
    commands), and has cron (scheduler), wget (non-interactive
    downloader), and the ability to block servers (through a dnsmasq
    configuration file or a hosts file). By blocking ads on the router, we
    block them for every device on the LAN with no additional setup. We
    take this further by scheduling automatic updates of the ad server
    list, making this a set it and forget it process.

    # // Tue, 24 Jul 2007 12:55:16 +0100 Tue, 24 Jul 2007 12:55:16 +0100
    First, thanks to Macskeeball Paul Tow for mailing me to point out that I'd forgotten to add the option for viewing the server list in dnsmasq format - this has now been corrected.

    Next, I wanted to mention the thread that originally prompted me to add the dnsmasq format option:


    It later turned into an interesting thread where the posters worked out how to use the dnsmasq format properly (ie, not as a hosts list). (And of course part of the reason I'm posting is because it's just nice to see that someone's actually read all (well, at least some of) this stuff I've put up - and for once understood why it's better to use this list (or sort of lists) as something other than a hosts file. Woo!)
    # // Fri, 20 Jul 2007 11:34:14 +0100 Fri, 20 Jul 2007 11:34:14 +0100
    I saw this post:


    and figured I should add a format for dnsmasq, whatever that is. So I did.
    # // Sat, 14 Jul 2007 13:27:07 +0100 Sat, 14 Jul 2007 13:27:07 +0100
    Added a new format for pdnsd - the form at the top of the page now includes an option to view the list in this format. I wasn't able to find out (I have to admit to being particularly lazy in my efforts to find out, there) if pdnsd supports external includes (so that the list could be included as a separate file. Originally I thought it would be good to include a header and footer if pdnsd didn't support includes, but on second thoughts I figured if it didn't, then it would probably be easier for people using pdnsd to add custom headers and footers to a file, rather than remove them. So it's just a plain list in pdnsd format for now. Thanks to UTgamer and Polynomial-C of the Gentoo Deutches Forum!
    # // Wed, 31 May 2006 15:43:26 +0100 Wed, 31 May 2006 15:43:26 +0100
    Hello! Apologies to all of you that have emailed me - I've seen the mails come in but have not had time to deal with anything recently. I now have a lot of free time (at least for a while) and will be spending it going through my backlog of emails and attending to a couple of little projects, this one included. Feel free to forward your email to me again if it's urgent. Also it might be time to change the format of this site, it's not exactly very nice given the amount of information here (a product of it being something that I've added to little by little over the years). Suggestions welcome!


    - Peter
    # // Mon, 16 Jan 2006 18:17:03 +0000 Mon, 16 Jan 2006 18:17:03 +0000


    Enquire within

    As some of you may have noticed, updates to the list of ad servers is sometimes a bit... sporadic in nature, with weeks going between updates. To solve this, I'd like to ask if any of the regular submitters would be interested in helping review submissions as a way to help out the other users of the list. It's very easy to do, but quite slow because of all the DNS resolution. So, if you fancy having a go, let me know at and we can talk. Cheers!
    # // Mon, 16 Jan 2006 11:37:12 +0000 Mon, 16 Jan 2006 11:37:12 +0000
    If you've looked at the site recently, you might have noticed the messages everywhere complaining about stuff like undefined variables and a whole load of other shit. Unfortunately the server's default error reporting level was changed and I didn't know about it, so even minor notices were being displayed. I've made sure this is set locally for my site now, so all is good again. Apologies for the inconvenience.
    # // Sun, 19 Jun 2005 11:07:02 +0100 Sun, 19 Jun 2005 11:07:02 +0100
    Apologies to all those people who had to read the horribly formatted replies to ad server submissions - things should look nice and spiffy again now.
    # // Sun, 19 Jun 2005 10:17:34 +0100 Sun, 19 Jun 2005 10:17:34 +0100
    Zach got in touch to say:
    "I needed this list in a specific format that you dont have - which I am sure many do, and would be rather impossible for you to keep up with.

    So I made a little tool - it wont do much - but it will put the list in most formats someone could need
    Pretty nifty! Nice one Zach.

    I'd still like to provide as many preset formats as possible, so if you find yourself using his tool a lot then get in touch and I'll add whatever format you're using to the options here.

    Update 2007-05-15: Looks like Zach's removed the post. Does anyone have a copy I can host locally?
    # // Sun, 19 Jun 2005 08:28:44 +0100 Sun, 19 Jun 2005 08:28:44 +0100
    Andries Van Wyk mailed to note that people using certain ad blocking programs don't find it easy to access this site, because "adserver" appears in the URL. So, the site is now accessible via the following URL:


    Of course, all the people that are having problems won't know about this yet...
    # // Sat, 28 May 2005 11:17:23 +0100 Sat, 28 May 2005 11:17:23 +0100
    Jerry Gilmore emailed me recently to say that he has written a free Windows utility for managing your hosts file. It's called AdBin, and after trying it out briefly I can say it looks pretty sweet. Download it here:
    # // Sat, 28 May 2005 04:38:50 +0100 Sat, 28 May 2005 04:38:50 +0100
    Browsing through the forums on, I saw a list of malware server hostnames posted as a hosts file. Later in the thread, someone posted the list converted for use with Snort, a popular intrusion detection tool. "Why", I thought, "I should add that format for the list of ad servers". So I did, and you can now view both the list of hostnames and the list of IP addresses in a format useable by Snort:

  • server hostnames
  • IP addresses

    I don't use Snort myself so if anyone could test this for me I'd be much obliged.

    I've also added's page "Malware Prevention through black-hole DNS" to the links page. They give a detailed introduction of how to use a list of hostnames with DNS, along with a list itself available via CVS. Nifty.
  • # // Sat, 30 Apr 2005 14:38:53 +0100 Sat, 30 Apr 2005 14:38:53 +0100
    A Mr. "Anoncompboy" suggested that I provide the list in a format usable for the Adblock Firefox extension. I actually already did offer this, but I'd never tested it so wasn't sure if it worked or not - and having just installed Firefox I figured I'd try it out. It didn't work first time unfortunately, but all that was needed was to add [Adblock] to the top of the list and Adblock recognises it as a valid import filter. So! The list is now available in a functioning format which you can import into Adblock.
    # // Thu, 20 Jan 2005 23:38:23 +0000 Thu, 20 Jan 2005 23:38:23 +0000
    Andrew Fear kindly sent in an example of the list of ad servers in an XML format that can be used with Microsoft's Internet Security & Acceleration Server 2004, which meant I was able to add it as a new format option. Cheers Andrew!
    # // Thu, 20 Jan 2005 22:48:15 +0000 Thu, 20 Jan 2005 22:48:15 +0000
    Need a script to update your hosts file on a Windows machine? You're in luck: Ethan Connor has submitted a DOS script that downloads the latest version of the list of ad servers and updates your hosts file for you. NB: It uses the W3C command line client libwww (which Ethan renamed to "w3c.exe") and a tool called "unix2dos", so make sure you have them installed before trying to run the script.

    If this sounds useful, feel free to download getadhosts.bat. Thanks Ethan!
    # // Thu, 20 Jan 2005 22:36:31 +0000 Thu, 20 Jan 2005 22:36:31 +0000
    Martijn Lievaart mailed me to suggest adding a Last-Updated header to the list of ad servers, something which really should have been there from the beginning. Unfortunately I didn't think of it, but thanks to Martijn the list now includes a Last-Updated header to help save bandwidth on the server and for users. Thanks Martijn!
    # // Thu, 20 Jan 2005 22:09:12 +0000 Thu, 20 Jan 2005 22:09:12 +0000
    I got carried away doing the RSS feed for the list of ad servers and ended up adding one for the news updates as well. The excitement never ends!
    # // Thu, 20 Jan 2005 21:32:46 +0000 Thu, 20 Jan 2005 21:32:46 +0000
    Ken Teague mailed me to let me know about a problem with the scripts for updating your Squid config files with the latest list of ad servers. The script didn't strip out the HTML, leaving some in at the end of the file (which of course will break your Squid setup). I've fixed this by changing the URL to include "mimetype=plaintext", which makes the list display as straight text rather than HTML. He also pointed out that not everyone has wget, so I've left some alternative commands commented out that might be useful. Thanks muchly, Ken.

    Chris Kayes also pointed out that duplicates sometimes appeared in the Squid config files because although it searches for unique hostnames, it's case sensitive. So and would appear twice in the list, for example. This is now fixed - ad server hostnames are converted to lower case automatically and duplicates weeded out before displaying, meaning the duplicate stripping bit in the Squid scripts is no longer needed and has been removed. Thanks Chris!
    # // Thu, 20 Jan 2005 21:02:21 +0000 Thu, 20 Jan 2005 21:02:21 +0000
    Dairenn Lombard kindly sent in the following information on how to make sure changes to your hosts file (and lmhosts file) are picked up in Windows XP and Windows 2000.

    After the hosts file in C:\WINDOWS\System32\Drivers\etc\hosts (for
    Windows2000, it is C:\WINNT) is updated, you have to click Start > Run and
    in the Open text box, type: nbtstat -R
    NOTE: The -R is case sensitive and must be upper case. After typing the
    above, you should receive the following message:
    Successful purge and preload of the NBT Remote Cache Name Table.
    This is per:;en-us;Q180094
    and applies to the LMHOSTS file as well.
    Thanks Dairren!
    # // Thu, 20 Jan 2005 20:56:26 +0000 Thu, 20 Jan 2005 20:56:26 +0000
    Doug Ransom suggested adding an RSS feed for the list of ad servers, which I thought was a great idea - so all you RSS junkies out there can now use this RSS 1.0 feed of the last 50 server hostnames added to the list.
    # // Thu, 20 Jan 2005 20:27:36 +0000 Thu, 20 Jan 2005 20:27:36 +0000
    There is now a page where you can view details about ad servers in the database (eg It will also show ad servers that are not listed either because they are no longer valid, or they were submitted but rejected for some reason (eg Have fun.
    # // Thu, 20 Jan 2005 18:41:54 +0000 Thu, 20 Jan 2005 18:41:54 +0000
    Quick update: I've added a short page describing which hostnames are included and why. So now you know.
    # // Wed, 29 Sep 2004 20:13:48 +0100 Wed, 29 Sep 2004 20:13:48 +0100
    The bug where the HTML header would show up even when specifying plain text MIME type has been fixed. Thanks to those who let me know about it.
    # // Sun, 5 Sep 2004 15:26:45 +0100 Sun, 5 Sep 2004 15:26:45 +0100
    So, when I first put this list up, I had a script that went through the list and weeded out invalid hostnames and other stuff that didn't belong in the lists. That was when it was just a plain text file, and when I moved it over to MySQL I never go round to rewriting some maintenance scripts. It was never a big deal -- it can't really do any harm to have nonexistent hostnames in the list when -- but, y'know, it's always nice to be neat.

    Anyway, as you might have guessed, I've finally ticked it off my todo list. (Well, kind of... I still have to do a bit more for the list of IP addresses...) There's a script that runs weekly now that checks all the hostnames in the list and marks bad entries as invalid. Invalid entries don't show up in the list of servers, but stay in the db until they've failed 12 checks (a bit less than 3 months), after which they're deleted. So far there have been

    I also get an email with lots of lovely stats in it. Stats are great.

    None of this really affects anyone, but you can all rest easy in the knowledge that you'll only be blocking valid hostnames from now on. Sleep well.
    # // Tue, 31 Aug 2004 09:46:11 +0100 Tue, 31 Aug 2004 09:46:11 +0100
    Thanks AJ for pointing out that the date selection was boned. It shouldn't be anymore.
    # // Sat, 28 Aug 2004 21:13:53 +0100 Sat, 28 Aug 2004 21:13:53 +0100
    Apologies for those of you using the form at the top of the page to list ad servers; there was a bug whereby if no date was set, no ad servers would show up. It's fixed now.
    # // Fri, 20 Aug 2004 23:01:47 +0100 Fri, 20 Aug 2004 23:01:47 +0100
    Alan Cuartero sent in the following information:
    I noticed that the registry key string for Win32 (post patch) is incorrect. At least on my system (Win2K server) the path is different. For example your string is..
    [HKEY_LOCAL_MACHINE\SYSTEM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones\]
    mine is
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones\]
    Not sure if you heard of this before. I've been fixing it with a text editor but someone else may not be aware of the problem.
    The subject line of his email said "post Patch, SP4", so whilst I don't know if this true for all Win32 operating systems out there it should be true at least for Windows 2000 servers after SP4. Those of you using Win2K server post-SP4 can now view the list of ad servers in the correct format. Thanks Alan!

    I also fixed a minor bug that occurred if you viewed the list with no date set. It's been bugging me for ages (GET IT?!? BUGING me! HAHAH!), just hadn't gotten round to looking at it until now.
    # // Thu, 19 Aug 2004 15:53:11 +0100 Thu, 19 Aug 2004 15:53:11 +0100
    Mike (who has his own pages on ad blocking with Mozilla) sent in the following information:
    In newer versions of Mozilla(/Firefox), cookperm.txt is deprecated in favor of hostperm.1 (
    This patch creates a new file, named "hostperm.1". The format is:
    host \t cookie \t 1 \t
    host    image   2
    host    image   2
    host    image   2
    host    image   2
    ... and so on

    cookperm.txt is probably the same way, but hostperm.1 is very sensitive to the delimiter (single tab only) and is stored in the same place as cookperm.txt (
    The list of ad servers is now available in the new hostperm.1 format

    Thanks Mike!
    # // Mon, 16 Aug 2004 10:59:06 +0100 Mon, 16 Aug 2004 10:59:06 +0100
    Colin Sutton sent in the following piece of information:
    On 23 May you said: "On Mac OS X the hosts file is in /etc/hosts and can easily be modified through the terminal using pico. I used the command to open it "sudo pico /etc/hosts" and everything worked fine. It works the same as on any UNIX system except that for your computer to use it you must use a utility called Directory Access, which is in Macintosh HD:Applications:Utilities:Directory Access. Just press the check-mark next to the option "BSD Configuration Files" and restart your computer."

    These instructions are wrong, at least for Mac OS X 10.3.4 and 10.3.5. I can't speak for earlier versions as I've only had my new imac for a month.

    Applications:Utilities:Directory Access doesn't have the option "BSD Configuration Files". I added servers to /etc/hosts and they are seen, and blocked ad sites successfully. An alternative to pico is textedit. To use textedit start Applications:Utilities:Terminal and type "sudo /Applications/ /etc/hosts" There is no need to restart the computer. After exiting textedit to get back into terminal, type "sudo killall -HUP lookupd"
    Thanks muchly, Colin!
    # // Thu, 5 Aug 2004 09:57:50 +0100 Thu, 5 Aug 2004 09:57:50 +0100
    David "iNerd" B sent in the following helpful information:
    On Classic Mac OS, the hosts file is called "Hosts" and resides either in the System Folder or in the Preferences folder therin (depending, I beleive, on OS version). Of course, if you've never used one on your computer, then it might not exist. In any case, it is a plain text file (as usual), so anyone can create or edit it with no special software. After editing it, either restart (don't -- it's quicker the other way) or open the TCP/IP control panel, click the Hosts button, select it in the Open File dialog, click OK (when it asks), close the control panel, and click save (when it asks). On Mac OS X, of course, it is in the same location as it would be in Unix (BSD "Darwin").
    Thank you muchly David! Hopefully someone out there will find that useful.
    # // Thu, 5 Aug 2004 09:53:49 +0100 Thu, 5 Aug 2004 09:53:49 +0100
    I've finally gotten round to properly documenting all the different formats the list of ad server hostnames is able to be viewed in, instead of having to refer to old news updates. Thanks to Marcus Williamson for prodding me into doing it (as well as pointing out some mistakes on the site that should have been fixed years ago).
    # // Thu, 5 Aug 2004 05:21:05 +0100 Thu, 5 Aug 2004 05:21:05 +0100
    Michael J Talarczyk sent in the following useful information for any Firefox users out there:
    i haven't done an exhaustive search of your pages for the following info, but after setting everything up i noticed firefox was being dog slow through my proxy (a max of 4 connections at once??) then i discovered the following:

    - enter "about:config" in firefox location field
    - enter "proxy" in the filter field
    - increase "network.http.max-persisten-connections-per-proxy" from measly default of "4"

    it seems to immediately help.
    Thanks Michael!
    # // Sun, 23 May 2004 20:19:10 +0100 Sun, 23 May 2004 20:19:10 +0100
    Pixelserv is a tiny web server written in Perl sent in by Martijn Lievaart, originally written by Piet Wintjens and modified by Mark Janssen. It solves the problem where some browsers complain if they can't access a site by serving up a 1x1 blank pixel for every request, and is just 966 bytes when run as a daemon or 408 bytes if run from inetd. Nifty.

    - (local copy)
    # // Sun, 23 May 2004 19:27:12 +0100 Sun, 23 May 2004 19:27:12 +0100
    Marcia Skidmore sent in this useful information about the using the list in host file format on Macs:
    Under Mac OS 9 and earlier there is a hosts file in the root level of the system folder. If you're using Open Transport it can also be located inside System Folder:Preferences, although either will work. Or you can just open the TCP/IP control panel and go into Advanced under User Mode in the Edit menu. Then you have the option of choosing whatever hosts file you like and it will be put where it needs to be. I've also been looking at the syntax for host files under this system, and you should use for this either SITE_NAME. A (the period is required) or SITE_NAME CNAME On Mac OS X the hosts file is in /etc/hosts and can easily be modified through the terminal using pico. I used the command to open it "sudo pico /etc/hosts" and everything worked fine. It works the same as on any UNIX system except that for your computer to use it you must use a utility called Directory Access, which is in Macintosh HD:Applications:Utilities:Directory Access. Just press the check-mark next to the option "BSD Configuration Files" and restart your computer.
    I hope any Mac users out there find the above helpful. The list of ad servers in Mac hosts format has now been updated to have a period at the end of the server name and use A records instead of CNAMEs. Thanks Marcia!
    # // Sun, 23 May 2004 19:13:58 +0100 Sun, 23 May 2004 19:13:58 +0100
    Jim Kenzig from sent me a note to say that he asked Mark Lee, a programmer from Wiz Bang Ideas, to write a command line program that would let him easily append new entries to the hosts file. Obligingly, Mark served up BlockDNS - and Jim put it up on the web for anyone else who might find it useful. Thanks, Jim and Mark!

    - (local mirror)
    # // Sun, 23 May 2004 19:00:21 +0100 Sun, 23 May 2004 19:00:21 +0100
    A Mr. Jamshed mailed suggesting that the list be available in some sort of XML format, as apparently this would make it easy to use XSL to reformat the list. There's no XSL on the site yet, but the list is now available in pgl XML - a simple format that should be easy to use. Comments are welcome!
    # // Sun, 23 May 2004 17:50:27 +0100 Sun, 23 May 2004 17:50:27 +0100
    Leo Kesler mailed me to suggest adding the option to list ad server IP addresses and hostnames all on one line, as various programs use that format for importing. This being a good idea that I should have thought of myself, I've now added this as an option to both lists:

    # // Sun, 23 May 2004 17:30:07 +0100 Sun, 23 May 2004 17:30:07 +0100
    I've finally put up the list of links I've been collecting for the past 18 months. Hope someone finds them useful.
    # // Sun, 20 Jul 2003 14:50:56 +0100 Sun, 20 Jul 2003 14:50:56 +0100

    If you're moving from using network-wide hosts files to a central DNS server, I wrote a little script that converts hosts files to BIND zone files. Thanks to ObiWan for the suggestion. I've also updated the other script (hosts2bind: converts hosts files to BIND config files so you can set it to be master for all the ad servers you've been collecting) - it can now handle multiple hostnames per IP address, and also filters out duplicate entries that made BIND barf. Thanks again to ObiWan for letting me know about this problem.
    # // Sat Jul 19 22:01:05 CEST 2003 Sat Jul 19 22:01:05 CEST 2003

    David Puckett helpfully pointed out that the Win32 registry file used with the MS DNS service under Windows 2000 no longer works after applying the service pack, because the location of the registry key gets moved (see Microsoft's Knowledge Base for more details). Thankfully David also gave me the new location, so there is a new format for viewing the list with the post-service pack key location updated.

    David ended the mail by mentioning "Public filtered dns at". Although he didn't give any more information than this, it looks like he's set up a DNS server that gives bogus information for ad servers etc - ie, exactly what this list achieves, but as a public service rather than privately.

    I've wanted to be able to offer something like this for ages. If I could run a DNS server (or, better, a distributed network of DNS servers around the world), people could take advantage of the most effective method of using this list without the usual bother of having to set up a nameserver, etc. And using a public DNS server would mean you wouldn't have to update your block list all the time. So, basically, less annoying stuff on the Internet for less effort.

    One problem with this, though, is that if you use a public DNS server, you have to trust you're not being given bogus data for any other reason than filtering out ads / stats servers / etc. Say Joe DNS Admin gets offered $10,000 to redirect all requests to a particular web server for a day to promote a new car? Or some other company pays to have its competitors' websites fail half the time. You might even find yourself as part of a DDoS attack on someone - if there's enough machines using this DNS server they could probably flood someone's line quite easily if the nameserver gave out the router's IP address for DNS lookups. And even everything seems OK, every request to look up a hostname can easily be logged, so it's also possible that your browsing habits are being tracked and sold without you knowing.

    Of course, I'm not saying that David is running a service like this - just that it's possible. It seems like it's just being started up though, and I'm interested to know more.
    # // Sat Jul 19 21:20:53 CEST 2003 Sat Jul 19 21:20:53 CEST 2003

    Andy Lowe (no relation (that I know of)) mailed me with details of how to use the list of hostnames with Microsoft Internet Explorer 6 as an XML file. By going to Tools -> Options -> Privacy -> Import, you should be able to select a file to import that contains a list of rules about how IE should act when contacting particular hostnames. Andy included an file that would block any of the servers listed from setting or getting cookies from your machine - as he says,
    "a more moderate approach ...content (including ads) will still be downloaded into your browser from listed sites, but the site's abilitity to identify you as a user or correlate your viewing habits through widely known abuses in cookie management will be somewhat diminished.
    The list of ad servers can now be viewed in this format for anybody who might find this useful.

    Andy added also added:
    A similar list could be constructed to automatically place these sites in the p3p restricted site list, which would have a similar effect, but in addition block these sites from other potentially nefarious activities. Prudent users will have these settings enabled for all sites.
    If anyone can send me a sample of the latter type of file, I'll add it as an format for viewing the list in.

    The ad server submission queue has finally been cleared. Sorry it took so long. Low flying helicopter accident, kept me tied up for weeks.
    Thu May 15 21:37:09 CEST 2003
    Patrick Steiner emailed me to point out that the acl line listed here that should be added to Squid's config file was incorrect. I've updated the details above with the correct acl line; a thousand blessings be upon you, Patrick.

    He also explained a problem he was having using Squid's dstdom_regex acl type, which would allow blocking access to whole domains rather than only individual hostnames. dstdom_regex searches the destination domain for the ad server string, and will apply the access control if found. What happens is that dstdom_regex with a hostname like "" means that "" -- the update server -- is also blocked, because it contains the string "".

    I had a look through the documentation on ACLs, and apparently Squid uses the GNU regex library for the _regex acl t ypes, which as far as I know will allow the servers to be specified as regexes that won't have this problem. Using something like this:
    means that Squid will only match "" if it either has nothing before it or is preceded by a ".". I've added the option to view the list of ad servers in this format, and added an example acl config line, so it should now be possible to easily configure Squid to block whole domains. Oh, and I made a quick version of the update script that uses the dstdom_regex version of the ad server list.
    Wed Apr 30 08:12:30 CEST 2003
    Stephen Patterson was kind enough to send in a script that he uses with the list of servers and the Squid Web Proxy Cache to block ads. When I saw the script I was a bit confused, because it was mostly to "strip the list down to raw hostnames" for Squid. Ever since I put this list up, it's been availble as a list of raw hostnames, so I thought maybe Stephen was just missing something. But, uh, apparently the "plain text" option has never actually been an option, because I forgot to add it. Sorry about that. It's there now.

    If you choose "plain list of hostnames (no HTML)" from the select box, the hostnames will be served up as plain list of raw hostnames. The intro doesn't show up even if it's selected to, and it's set to text/plain so no HTML or anything.

    I've added the details about configuring Squid that Stephen sent to the list above, and put a version of his script in the script directory to download. Cheers Stephen!
    Wed Apr 30 02:55:17 CEST 2003
    I've just come across WebWasher and Bruce's Independent WebWasher Workshop, which provides a URL filter list that can be used either with the program or as a handy example of the file format for those wishing to add it to their list of ad servers. So, you can now view the list of ad servers in WebWasher format.
    Sun Mar 30 06:46:19 CEST 2003
    ObiWan suggested in his email (see below) that I offer an online version of the hosts-file-to-BIND-zone-file-converter-script of his. Which isn't such a bad idea. So now if you happen to have a hosts file lying around that you've been just wishing you could convert -- in just one easy step -- to BIND zone file format, well my friend, I think I might just be able to help. It's not exactly artificial intelligence (yet), but for most people converting from hosts -> BIND, it should work OK.
    Sun Mar 30 05:41:56 CEST 2003
    ObiWan from BIND-PE mailed me (quite a while ago, actually -- sorry for the delay!) with a cool little VB script that lets you convert hosts files to zone files easily - which everyone should do, if they're still using hosts files.

    Here the zip containing the two files you need.

    And here's ObiWan's instructions on how to use them:
    this small "vbs" script will simply load a "hosts format" file and use it to generate a couple of files (null-zone and config) which may be used by BIND (and/or BIND-PE).

    simply extract the files from the zip into an empty folder, copy the "hosts" file into the same folder, *ensure* that *no valid address* is contained into that file (neither "localhost" nor any other valid host) and then run the nsblock "batch" file, this will in turn start the "h2d.vbs" (Hosts 2 Dns) script which will parse the hosts file and generate the "null.db" file (null zone) and the "extra.conf" file (BIND partial config file), at that point to use such files with BIND-PE one should simply copy both of them into the BIND-PE etc folder i.e. "...\system32\dns\etc" and (after deleting/renaming the current HOSTS file) start/stop the DNS service, to use such a file with other BIND distros the idea is the same although in that case the "extra.conf" file should be merged (or "#included") into the BIND master config file.
    Mr Wan assures me that the script is completely in the public domain, so feel free to abuse his generosity as you wish.

    Caveat: I have not used this, because VB scares me in a way that only a programming language designed by Microsoft can. So, y'know, no guarantees and all that. (Actually, I did virus check it, but I'm not sure if that counts.)

    Oh and by the way: ObiWan's signature included a URL to a site with (and I quote) "408 XP/2000 tweaks and tips". Tweaking being one of the more fun things about Windows, I had a look, and yay brothers and sisters, verily I was rewarded with a feast with which to mess up my registry even more. Go, my friends! Go, with the wind of the Gods behind you! Enlightenment awaits.
    Sun Mar 30 01:36:42 CET 2003
    One thing I've been meaning to do for months (along with about 50 other ideas...) is put together a list of the other cool sites and people doing similar stuff to this list of ad servers. No, no, I'm not about to do it now — still far too lazy for that — but I just came across a site that's worth a mention. has some very sound advice, answers to common problems, an excellent hosts file, and an all round rosy glow to it. So, go visit it.

    That's all. You can go now.
    Sat Mar 15 22:30:08 CET 2003
    New formats added: as a block list for the Netgear FM114P (Thanks Marc Ruef for sending me the URL for his list); and as a Webclean pattern file (Thanks to Don Marti for first making me remove all GIFs from and then letting me know about Webclean).
    Fri Mar 14 03:31:52 CET 2003
    Just wanted to say - sorry for the lack of updates. Life has been really busy lately, and I was sick for a while so have a lot to catch up on now. Please keep submissions coming - I will get round to clearing the queue in the end! Cheers for the help.
    Sun Jan 26 22:14:05 CET 2003
    Just had to post a link to this forum thread - post #3 is great!
    Mon Dec 23 09:58:40 CET 2002
    I've just come across Adblock, a plugin for Mozilla that lets you block ads (funnily enough). The list can now be viewed in a format which hopefully will be most effiective if you just copy & paste it in to the Adblock's filter list.
    Also, a note about Janaserver: whilst it's possible to use the list of servers with it, there's no way of easily importing the whole list so you have to add each one manually. Arse!
    update Mon Nov 4 09:57:24 GMT 2002
    The mysterious "NL" suggested an excellent improvement to the Bind 8 listing: add the "no notify" option for each zone. Each time time the name server starts up it normally sends out a NOTIFY message to its slaves for each zone it's authoritative for. Adding the "no notify" option disables this, saving your network and cpu time. Hooray for effieciency!
    update Sat Nov 2 01:52:30 CET 2002
    Scott Barlett, the Linux Firewall admin for, was kind enough to email me about errors in some of the list formats, and potential issues with the list of IPs. First, the PAC file using ad server hostnames was completely broken - the function name for matching hostnames should have been "shExpMatch", not "shpExpMatch" as I had apparently typed it. Since nobody else complained though, let's just carry on as if nothing happened, OK? We'll just keep it between you and me.

    Second, there were some bad entries in the list of IP addresses - was included, along with some actual hostnames. So uh, sorry, I'll go sit in the corner for a bit I think.

    Also, Scott pointed out that the listing ad servers by IP address might not be such a good idea. His points were:
    • Potential for abuse - anyone who has control over any of the servers listed can decided to change the IP address to point to anything they like; so potentially you might one day find Google unavailable because some irate advertising whore has decided to be spiteful.
    • IPs may not be just ad servers - with a hostname like "", you can be pretty confident you're not going to miss anything by blocking it, but the actual machine maybe used for more than just ads. Blocking the IP makes it much more likely that you might be unable to access the more useful services provided.
    You can read the full text of his email on the forums.

    Now, personally I don't think these are such big problems. Firstly, it's very rare to have a whole site blocked because you're using the list of ad servers, so assuming it's just an ad site that's blocked is quite unlikely. Plus the fact that Mr Wanker Advertiser who's attempting to poison the list is going to have to try and hit big sites, meaning they'll be noticed and fixed pretty quickly.

    But, the point about the IPs is pretty good, so I'm going to reimport the list of IPs for each ad server and check to see if it matches up. It'll be a pretty small list, but at least each entry will be 100% Certified Ad Server material. Probably.
    update Tue Sep 10 20:30:39 CEST 2002
    There I am, checking out some web page, and I see a banner ad. Oh, says I, I wonder whether the banner is on an ad server I can add to my list. So I have look, and - wait, what's this? It's a doubleclick ad. Weird... I know I have them in the list, so I shouldn't be seeing it... So I have a look, and I find out that mysteriously, there's only about 6 entries left in the list! Very odd indeed. All the IP addresses were still there, but most of the hostnames had gone. Good thing I keep backups (good little sysadmin that I am -- well, used to be). If it was you, I'd just like to say: OI! NOOO! YOU WILL NOT DELETE MY LIST OF AD SERVERS SO DEPRIVING THE GOOD PEOPLE OF THE INTERNET WITHOUT AN EASY MEANS BY WHICH THEY CAN BLOCK BANNER ADS AND OTHER NASTY SHIT ON THE WEB!
    update Tue Aug 20 12:34:53 CEST 2002
    The list can now be viewed as a proxy auto configuration file, which can be used to automatically set up your browser's proxy settings. Using this version will tell your browser to use the proxy of for ad server hostnames, effectively blocking them (unless you're running a proxy server on your local machine of course).

    If your browser supports autoconfiguration of its proxy settings, set the URL for the PAC file to be either of the following to block ads:;showintro=0 (uses the ad server hostnames);showintro=0 (uses ad server IP addresses);

    To read about the proxy autoconfig file format, see Netscape's page for details:
    update Tue Aug 20 12:26:44 CEST 2002
    Wolfram Kraushaar kindly provided me with instructions on how to use the list with the Microsoft DNS service, by adding the hostnames to the registry and specifying a null zone file for each zone. He also provided me with a zone file that could be used, and the steps listed in the section showing other ways to use this list.

    So, you can now download the list of adservers as a Win32 System Registry file. In a nutshell: save the list as a file with the extension ".reg", put a copy of the null zone file in your %SystemRoot%\system32\dns directory, double click the registry file to import the list, and restart your DNS service.

    Thanks Wolfram!

    On a side note, you can also get to this page via the address: Make your own shortened URL at!
    update Thu Aug 15 12:16:45 CEST 2002
    You can now view a list of IP addresses for the servers instead of just hostnames. This means that it's actually a viable option to use ipchains or iptables to block ads (and much more effective).
    update Tue Jul 2 14:03:46 BST 2002
    Three new formats added:
  • as a list of ipchains commands
  • as a list of iptables commands
  • Internet Junkbuster format

    Internet Junkbuster Proxy is a powerful proxy that can be used to block ads. This list would be most useful as a starting point for your config file.
    For both ipchains and iptables, the servers are listed as hostnames. This isn't such a good idea, as the hostnames have to be resolved before they're blocked, which is slow. I'll add the option to view them as IP addresses soon, but for now listing hostnames is better than nothing.
  • update Sat Jun 22 07:33:11 BST 2002
    The option to view the list in a format suitable for use with Opera's URL filtering has been added. For more information on this feature of Opera, check out Martin Schrode's excellent page at:
    update Mon Jun 10 17:03:32 BST 2002
    Hah! That guy who copied information from this page has put up a sign saying "What a liar you are yoyo Peter Lowe!" What a wanker! He sent me several emails saying that because the text wasn't verbatim he was the author, and it seems my replies must have irked him. "Member" indeed.

    update Mon Jun 10 16:57:29 BST 2002
    You can now view the list in a format suitable for using in a Bind 8 configuration file. This format assumes that you have a file called "" which will contain dude information about the ad server. The easiest way to use the list in this format is just to save it as some file, and put "include adservers.conf" (or whatever you've called it) at the bottom of your named.conf.

    update Thu May 30 10:22:46 GMT 2002
    I just checked's Neutering Ad/Spyware page and noticed that Macs have a different format for hosts files, so I've added the option to view the hosts file in Mac host file format.
    update Mon May 20 19:29:09 BST 2002:
    someone has finally set up a nameserver! I'd like to say thank you very much to Olivier Matthey for setting up a server that uses this list. if you'd like to use it, set your dns server to note that this IP address is liable to change; you can find it out by checking the IP for

    I've left the note at the top of the page saying that I'm looking for ad servers as more is always better - if you've got a unix box you'd like to see put to a good purpose, let me know. if you're not sure about how to set up a nameserver or how to use this list, let me know and I'll be more than happy to help.
    update Thu May 23 12:51:58 GMT 2002
    hahah! I've been ripped off! have a look at, and you'll see that the text there is almost exactly the same as on this page. what a turd. I saved a copy for posterity, and in case he changes it. [ which he ended up doing... ]
    update Tue Feb 5 12:18:10 CET 2002:
    I just realised I've been a bit fick. apparently if you use a list like this as a hosts file, you have to put every host in, not just the top level domain. so, I'm looking for someone who will set up their nameserver to use this list, so that other people can just set their nameserver to whatever to start blocking ads. know anyone? got a nameserver you wouldn't mind me using? get in touch.
    update Mon Dec 10 10:26:01 CET 2001:
    first, thanks to progame to submitting his list of hosts. second, IronChef on slashdot posted his list there, so I've added all those. (would have been nice if he'd mailed me, but never mind...)
    update: thanks very much to sergio for mailing me his list of hosts.
    update: they just keep on coming.
    update: I found another site listing ad servers. it has a good explanation of how to use the list to block ads using the hosts file in windows and by using the proxy server settings in netscape & internet explorer. I've copied some of the hosts that weren't in this list before, but the site hasn't been updated since 20th feb and a lot of sites listed don't exist anymore. (last time I checked was nov 10 2001.)
    update: another one! woah. this one has shedloads of hostnames. they could probably make it easier to maintain if they just used second level domains instead of listing each ad server, but hey, not my site. probably not worth maintaining this page any more, but it's all automatic and stuff so I might as well leave it as it is. I found this other site whilst browsing dmoz's list of ad filtering pages.
    this isn't true anymore, but I'll leave it up for, uh, posterity or something

    since it looks like there's a slight different between that list and mine, it might be an idea to explain how I choose what hosts and domains go in my named.conf: for any ad company that I know of, like doubleclick, I put in their whole domain, so I don't have to bother adding all the hosts as they pop up. also, any stats services go in there as well, because I don't particularly want my browsing habits being recorded and analysed by people I don't know. other than that, if I see an ad I'll find out what server it's coming from and add the server name to the list if it's obviously hosted on a dedicated ad server (eg, the hostname is "").

    a little perl script checks my named configuration file every ten minutes to see if it's been updated, and modifies the list this page uses if there's been any changes. another script runs every night to check the hostnames still exist and mails me if it finds any that have disappeared. if I find an adserver that's not in my list, an eensy script that adds it to my nameserver config (which is very simple, and should check to see if it's in there first and stuff), after I've checked that it's a valid host. all these scripts are in the scripts/ directory.