Generates a host list of first-party trackers for ad-blocking.
Go to file
2019-12-07 19:19:37 +01:00
dist Added possibility to add personal sources 2019-11-11 11:19:46 +01:00
rules Tracker: 2o7 2019-12-07 19:17:18 +01:00
rules_adblock Improved rules handling 2019-12-03 08:48:12 +01:00
rules_hosts Improved rules handling 2019-12-03 08:48:12 +01:00
rules_ip FP: ThreatMetrix 2019-12-07 18:23:11 +01:00
subdomains Added possibility to add personal sources 2019-11-11 11:19:46 +01:00
temp Separated DNS resolution from filtering 2019-12-02 19:03:08 +01:00
tests Preliminary structure for testing 2019-12-07 19:19:37 +01:00
websites Added RED by SFR website 2019-11-13 18:14:56 +01:00
.gitignore Automatically download nameserver list 2019-11-14 10:56:53 +01:00 Removed third-parties from easyprivacy 2019-12-05 01:19:10 +01:00 Added some delay for websites subdomains collecting 2019-11-14 06:29:24 +01:00 Fix log in scripts 2019-12-07 18:45:48 +01:00 Improved rules handling 2019-12-03 08:48:12 +01:00 Fix log in scripts 2019-12-07 18:45:48 +01:00 Rules lists are optional 2019-12-07 18:22:20 +01:00 Fix log in scripts 2019-12-07 18:45:48 +01:00 Can now use AdBlock lists for tracking matching 2019-11-15 08:57:31 +01:00 Added more trackers and their clients 2019-11-12 13:58:17 +01:00 Improved DNS resolving performances 2019-12-03 15:35:21 +01:00 Fix log in scripts 2019-12-07 18:45:48 +01:00


Generates a host list of first-party trackers for ad-blocking.

The latest list is available here:

DISCLAIMER: I'm by no way an expert on this subject so my vocabulary or other stuff might be wrong. Use at your own risk.

What's a first-party tracker?

Traditionally, websites load trackers scripts directly. For example, and both load to track their users. In order to block those, one can simply block the host

However, to circumvent this easy block, tracker companies made the website using them load trackers from The latter being a DNS redirection to, directly pointing to a server serving the tracking script. Those are the first-party trackers.

Blocking doesn't work any more, and blocking * isn't really possible since:

  1. Most ad-blocker don't support wildcards
  2. It's a DNS redirection, meaning that most ad-blockers will only see

So the only solution is to block every subdomains known, which is a lot. That's where this scripts comes in, to generate a list of such subdomains.

How does this script work

It takes an input a list of websites with trackers included. So far, this list is manually-generated from the list of clients of such first-party trackers (latter we should use a general list of websites to be more exhaustive). It open each ones of those websites (just the homepage) in a web browser, and record the domains of the network requests the page makes.

Additionaly, or alternatively, you can feed the script some browsing history and get domains from there.

It then find the DNS redirections of those domains, and compare with regexes of known tracking domains. It finally outputs the matching ones.


Just to build the list, you can find an already-built list in the releases.

(if you don't want to collect the subdomains, you can skip the following)

  • Firefox
  • Selenium
  • seleniumwire


This is only if you want to build the list yourself. If you just want to use the list, the latest build is available here: It was build using additional sources not included in this repository for privacy reasons.

Add personal sources

The list of websites provided in this script is by no mean exhaustive, so adding your own browsing history will help create a better list. Here's reference command for possible sources:

  • Pi-hole: sqlite3 /etc/pihole-FTL.db "select distinct domain from queries" > /path/to/eulaurarien/subdomains/my-pihole.custom.list
  • Firefox: cp ~/.mozilla/firefox/<your_profile>.default/places.sqlite temp; sqlite3 temp "select distinct rev_host from moz_places" | rev | sed 's|^\.||' > /path/to/eulaurarien/subdomains/my-firefox.custom.list; rm temp

Collect subdomains from websites

Just run This is a long step, and might be memory-intensive from time to time.

This step is optional if you already added personal sources. Alternatively, you can get just download the list of subdomains used to generate the official block list here: (put it in the subdomains folder).

Extract tracking domains

Make sure your system is configured with a DNS server without limitation. Then, run The files you need will be in the folder dist.


Adding websites

Just add the URL to the relevant list: websites/<source>.list.

Adding first-party trackers regex

Just add them to