diff --git a/nix/configurations/vanadium/nixos/connectivity.nix b/nix/configurations/vanadium/nixos/connectivity.nix
index 3564f3f1..7c54f9ce 100644
--- a/nix/configurations/vanadium/nixos/connectivity.nix
+++ b/nix/configurations/vanadium/nixos/connectivity.nix
@@ -201,23 +201,30 @@
       lb_strategy = "p2";
       lb_estimator = true;
 
-      # Prevent building up reliance on chatbots
-      # Gotta preserve that thinking ability of my smoof bwain
       blocked_names = {
+        # Blocklists are made of one pattern per line.
+        # https://github.com/DNSCrypt/dnscrypt-proxy/blob/fa59f990431a49b6485f63f96601bc7e64017bf8/dnscrypt-proxy/example-dnscrypt-proxy.toml#L583C4-L583C75
         blocked_names_file = let
           sources = import ../../../../npins;
-          ai-blocklist = sources.ai-blocklist + "/noai_hosts.txt";
 
-          # Blocklists are made of one pattern per line.
-          # https://github.com/DNSCrypt/dnscrypt-proxy/blob/fa59f990431a49b6485f63f96601bc7e64017bf8/dnscrypt-proxy/example-dnscrypt-proxy.toml#L583C4-L583C75
-          blocked_names = lib.pipe (builtins.readFile ai-blocklist) [
+          # Prevent building up reliance on chatbots
+          # Gotta preserve that thinking ability of my smoof bwain
+          ai_list = lib.pipe (builtins.readFile "${sources.ai-blocklist}/noai_hosts.txt") [
             (lib.replaceStrings ["\r\n"] ["\n"]) # convert to unix ending just in case
             (lib.splitString "\n")
             (builtins.filter (x: ! (x == "" || lib.hasPrefix "#" x)))
             (builtins.map (x: builtins.elemAt (lib.splitString " " x) 1)) # remove 0.0.0.0
           ];
+
+          hategroup-list = lib.pipe (builtins.readFile "${sources.hategroup-blocklist}/blocklist.txt") [
+            (lib.replaceStrings ["\r\n"] ["\n"]) # convert to unix ending just in case
+            (lib.splitString "\n")
+            (builtins.filter (x: ! (x == "" || lib.hasPrefix "#" x)))
+          ];
+
+          combined_lists = ai_list ++ hategroup-list;
         in
-          pkgs.writeText "no-ai-blocklist" (builtins.concatStringsSep "\n" blocked_names);
+          pkgs.writeText "dnsblocklist" (builtins.concatStringsSep "\n" combined_lists);
       };
 
       # Add this to test if dnscrypt-proxy is actually used to resolve DNS requests
diff --git a/npins/sources.json b/npins/sources.json
index c81b44a7..b91252c3 100644
--- a/npins/sources.json
+++ b/npins/sources.json
@@ -105,6 +105,34 @@
       "hash": "0g4izwn5k7qpavlk3w41a92rhnp4plr928vmrhc75041vzm3vb1l",
       "frozen": true
     },
+    "hategroup-blocklist": {
+      "type": "Git",
+      "repository": {
+        "type": "GitHub",
+        "owner": "chigh",
+        "repo": "hategroup-dnsbl"
+      },
+      "branch": "master",
+      "submodules": false,
+      "revision": "cc19c050997d5f54014bb20c764b131e003dfb17",
+      "url": "https://github.com/chigh/hategroup-dnsbl/archive/cc19c050997d5f54014bb20c764b131e003dfb17.tar.gz",
+      "hash": "1x1nhy0717bav35z6aid0224izmcsrg3knys64xszhslh266p429",
+      "frozen": true
+    },
+    "hategroup-dnsbl": {
+      "type": "Git",
+      "repository": {
+        "type": "GitHub",
+        "owner": "chigh",
+        "repo": "hategroup-dnsbl"
+      },
+      "branch": "master",
+      "submodules": false,
+      "revision": "cc19c050997d5f54014bb20c764b131e003dfb17",
+      "url": "https://github.com/chigh/hategroup-dnsbl/archive/cc19c050997d5f54014bb20c764b131e003dfb17.tar.gz",
+      "hash": "1x1nhy0717bav35z6aid0224izmcsrg3knys64xszhslh266p429",
+      "frozen": true
+    },
     "home-manager": {
       "type": "Git",
       "repository": {