Disconnect logo

We track the trackers

Our tracker protection lists power Microsoft Edge, Mozilla Firefox, other partners, and our own award-winning privacy products.

350M+
Users protected by default
Millions
of sites, apps & emails analyzed
Continuously
updated via automated detection and expert review
Examples Definition Categories Evaluation We block We don't block Activity Feedback ↗

Example domain evaluations

pixel.example-analytics.net ADD

Acme Data Corp

Advertising
Third-party presence
1,247 sites 4.2% of crawled web
Seen on: nytimes.com, weather.com, webmd.com
Request breakdown
8,432 total
Script
5,104
Beacon
2,180
Image
1,148
Cookies
89% cross-site · max 365 days
_acme_uid HIGH device_id HIGH _sess LOW camp_ref MED
Fingerprinting techniques
Canvas Navigator Audio WebRTC

Cross-site advertising pixel with persistent user identifiers. Sets long-lived cookies with unique device IDs and deploys canvas fingerprinting as a fallback identification mechanism across 1,200+ publisher sites.

Confidence HIGH
Breakage NONE
cdn.trackify-demo.io MOVE

DataFlow Systems

Fingerprinting — Invasive
Third-party presence
892 sites 3.0% of crawled web
Seen on: reddit.com, stackoverflow.com, cnn.com
Request breakdown
12,108 total
Script
9,204
XHR
2,420
Beacon
484
Cookies
94% cross-site · max 180 days
df_fp_hash HIGH _df_session MED df_cid HIGH _df_ref LOW
Fingerprinting techniques
Canvas Audio Navigator WebRTC

Moving from Content to Fingerprinting (Invasive). Uses canvas and audio API abuse to generate device fingerprints, combined with navigator enumeration and WebRTC local IP detection across 890+ publisher sites.

Confidence HIGH
Breakage LOW
t.metrix-example.com ADD

Metrix Analytics Inc

Analytics
Third-party presence
3,412 sites 11.4% of crawled web
Seen on: amazon.com, espn.com, bbc.com
Request breakdown
24,870 total
Script
14,922
Image
7,461
XHR
2,487
Cookies
96% cross-site · max 730 days
_mx_uid HIGH mx_session MED _mx_pageview MED _mx_cohort HIGH
Fingerprinting techniques
Canvas Navigator Audio WebRTC

High-prevalence analytics SDK present on 3,400+ sites including government domains. Sets 730-day persistent cookies with unique visitor IDs and builds cross-site behavioral profiles for cohort-based audience segmentation.

Confidence HIGH
Breakage LOW

These are fictional examples for illustration purposes only.

Definition of Tracking

Tracking is the collection of data regarding a particular user's or device's activity across multiple websites or applications that aren't owned by the data collector, and the retention, use or sharing of that data. We will also classify as trackers domains which collect, share, retain, or use data to enable tracking by other services.

Our definition focuses on third-party data collection AND retention. So, for example, our tracker definition doesn't apply to sites that log an IP address but don't save that information in a database. And the collection must be across context, so our tracker definition also doesn't apply to cases where there is solely a first-party relationship with the user, for example the site only collects and retains information on site visitors. Finally, our definition also focuses on particular users and devices, so data that is immediately aggregated doesn't apply.

We may include domains on our lists that are technically in a position to easily track users and fall into one of our defined tracker categories below, even if we cannot confirm tracking, as defined above, with technical or other evidence.

Categories of trackers

Our lists of trackers are categorized according to the following definitions.

Advertising

A tracker which also displays or enables ads or marketing offers. These types of ads can track your personal information and expose you to malware, even if you don't interact with them.

Analytics

A tracker which collects your information and may build a profile based on your online activity that can be connected with your real name or other unique identifier.

Anti-fraud

A tracker may be classified as anti-fraud if its explicit purpose is to prevent or detect fraud and does not utilize data collected in a third-party context (including IP addresses and user identifiers) for any purpose not directly related to fraud detection or prevention, including the use and sharing of such data to enable tracking of particular users or devices by other services.

Consent Managers

A tracker may be classified as a Consent Manager if its explicit and primary purpose is to manage consent preferences and does not utilize data collected in a third-party context (including IP addresses and user identifiers) for any purpose not directly related to managing consent preferences, including the use and sharing of such data to enable tracking of particular users or devices by other services.

Cryptomining

A domain may be classified as cryptomining if it can cause the user's browser to mine cryptocurrencies without explicit user opt-in.

Email

A tracker which commonly appears in emails. In addition to the main Email category, we will maintain a sub-category called Email Aggressive. This sub-category includes additional email tracker domains which serve images or links that when blocked may alter expected functionality. Determinations about whether a domain is moved to the Email Aggressive category seek to balance usability with privacy harm and will be based on error reporting, internal testing, and user experiments as described in the Content portion of our list below.

Fingerprinting

A tracker may be classified as a fingerprinter if it identifies particular users or devices based on the properties of the browser, device, network, or any other properties of the computing environment, without using client-side storage of cookies or other data.

General fingerprinting

A tracker may be classified as a general fingerprinter if it uses browser or device features or properties in unintended ways to identify and track a particular user or device.

Invasive fingerprinting

A tracker may be classified as an invasive fingerprinter if it uses an API to extract information about a particular user's computing environment when the API was not designed to expose such information.

Session replay

A tracker which records all actions a user takes on a webpage in order to recreate the user's session may be classified as a replay script.

Social

A tracker may be classified as social if it uses tracking techniques that allow a social networking service to track your web browsing activities even when you are not on the social network's website or app.

How we evaluate trackers

Every domain on our lists goes through a structured evaluation that combines automated detection with expert review. Our process analyzes multiple dimensions of tracking behavior and compatibility testing to determine whether a domain meets our definition and how it should be classified.

Third-party presence

We measure how many websites and apps load a domain as a third party, identifying its reach across the web including its presence on specific categories of websites.

Network behavior

We analyze the types of requests a domain makes and inspect URLs for tracking parameters, campaign IDs, and high-entropy identifiers.

Cookie analysis

We examine cookie names, durations, scopes, and values. Long-lived cross-site cookies with unique identifiers are strong indicators of tracking.

Fingerprinting detection

We detect JavaScript API abuse including canvas fingerprinting, audio context fingerprinting, WebRTC local IP extraction, and excessive collection of browser and device properties.

Ownership & entity mapping

We trace domain ownership through web research, DNS records, WHOIS data, corporate registrations, and subsidiary relationships to map the full network of domains operated by each tracking entity.

Breakage risk assessment

We evaluate whether blocking a domain causes site or app breakage by reviewing compatibility reports, automated and manual testing, and checking whether the domain serves functional content alongside tracking.

Trackers we block, or include

"Trackers" are those services that we've identified and determined meet the definition of tracking above.

Disconnect compiles several lists of trackers for browsers, apps, full device, and network based protection. Our Services list powers our browser extensions and are utilized by Mozilla's Firefox, Microsoft's Edge, and other browsers to block certain tracking domains. Our Services_Relay list is intended to be used to mask a user's IP address transmitted to the domains listed, but not block those domains. Both our Services and Services_Relay lists can be found here along with a change log and notes.

Trackers we don't block, or include

Disconnect strives to find the balance between privacy, security, usability and promoting a better Internet for everyone. These concerns drive our decisions in regards to trackers we block and don't block. We do not accept payment for unblocking or unlisting trackers.

We unblock or unlist trackers to provide a better user experience, based on the three types of evidence listed below. The impact of blocking a tracking domain altogether and masking an IP address transmitted to a tracking domain may be different, so the domains included in our Services blocklist and our Relay IP masking lists also differ. Unblocked tracker domains will appear in what we call the Content portion of our Services list. For some of our products, users can choose to block this Content portion of the list as well.

  • Error reporting. We sometimes unblock trackers based on user feedback and complaints that we have received about broken user experiences or compatibility issues.
  • Internal testing. We conduct compatibility and user testing of our lists to identify domains that should go on our unblocked list.
  • User experiments. We also use external testing services to run user experiments and identify additional problems with our products and tracking list.

We also generally unblock, and place into our Content category, tracking domains that are in a position to track, but make a public, legally binding commitment not to track as we define that term.

Although we support sites that commit to respect users' Do Not Track (DNT) preferences and agree to comply with DNT as defined by the Electronic Frontier Foundation (https://www.eff.org/dnt-policy) such compliance is not grounds for unblocking at this time due to disparities and technical inability to persist DNT headers across browsers and products.

All of the trackers we've identified but don't block in our Services list, along with a change log and notes, can be found here.

List activity

Recent changes to our tracker protection lists. Our lists are continuously updated and improved.

March 2026

Updates Flipp, Amazon, Wingify entities

7 days ago 583de4e

Sync tracking protection lists from internal-lists

8 days ago b91c224
February 2026

Sync tracking protection lists from internal-lists (#404)

11 days ago cf79a43

Entity updates.

14 days ago d3e8362

Removals

14 days ago 307e6c5

List updates

14 days ago 7bb7e50

Removes `moikrug.ru` from `Yandex`

21 days ago 8e10e76

Moves `score.juicyscore.com` to `Anti-fraud`

a month ago ea1d534

List updates.

a month ago e2db83d
January 2026

List updates.

a month ago 26bafed

Update copyright year

2 months ago 2f92004
December 2025

List updates.

2 months ago 4fc832d
November 2025

List updates.

3 months ago 4d27656

List updates.

4 months ago d39f366

List updates.

4 months ago 5155d62

Entity updates.

4 months ago 82b7e73
October 2025

List updates.

4 months ago c0472cc

Entity updates.

5 months ago 731870c

List updates.

5 months ago 83a66aa
September 2025

List updates.

5 months ago a88ad71

List update.

5 months ago e5cc939

Entity updates.

6 months ago 15135b9

Entity updates.

6 months ago 617f38d
August 2025

Fixes dupe domains in entities from prev commit.

6 months ago 8fb1c22

Adds and removes domains, entity updates

6 months ago cda359c

Adds and removes domains.

7 months ago 4195e00

Entity updates

7 months ago b22d783

Entity updates

7 months ago 4cae5dc
July 2025

Adds and removes trackers, entity updates

7 months ago eeaf28e

Recategorize Didomi domain.

8 months ago 735f1ae

View full history on GitHub →