Look into a pi-hole. Its perfect for that situation.
Unless you run you're own recursive resolver behind pi-hoe, you're still opening your rectum. That said, it's not too hard. I use unbound. As far as services go, use the one your VPN offers if you're on a VPN. NextDNS seems legit but who the fuck knows anymore.
I hate to say it, but the entirety of the DNS system is compromised. Either open your rectum to Verizon and AT&T or open your rectum to Google and Cloudflare.
There are actually several smaller companies out there that offer public DNS services and claim to be completely unrestricted and unlogged. My favorite is this one: https://freedns.zone/en/
Also, it is not really a big trick to run your own nameserver software and eliminate the third party. If you are running linux or mac, you can install easily. If you are running windows, there is (although for Windows you will have to run an older version). Then you just point your DNS to localhost 127.0.0.1
(post is archived)