TIL reading CitizenLab's "Great iPwn" report from last month  that Turkey’s Government-run Computer Emergency Response Team (USOM)  maintains a public filterlist of malicious hosts they observe.
Hosts: https://www.usom.gov.tr/url-list.txt (~90k domains, ~2 MB)
 https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit/ https://en.wikipedia.org/wiki/TR-CERT
Nice, the filter list has been added to NextDNS.
Personal instance of nitrohorse (nitrohorse.com).