I'll do you one better, download a no root firewall that channels all of your traffic through a fake VPN which then drops it. You will be amazed at how many ads you don't see.
Obviously if you're not competent or are lazy with whitelisting apps when you need them to use the internet and then disabling it again this will be unhelpful to you; continue to feed the machine.
I am not super technical (blue collar electrician) but I use a PiHole (/r/PiHole or Pi-Hole.net) to block the majority of online tracking/advertising.
Extremely intuitive, relatively inexpensive... you can even force your entire network to obey ad-blocking lists (I tell my DHCP router to issue DNS lookups to PiHole; if individual machines need to be un-filtered they manually set DNS to 192.168.0.1 [router] instead of default PiHole) .
I don't carry a cell phone / use apps, but I know there is a method to make your on-the-go queries also filter through your home network's PiHole .
I also use a pi-hole, but I have had to mess with the configuration and troubleshoot things so often that I don’t feel comfortable recommending it to non-technical people.
I also think the average person is more likely to need this on a cell phone almost exclusively.
>I don’t feel comfortable recommending it to non-technical people.
Everybody is so "¡wow cool!" about Pi-Holes, until a desired website breaks... and then DNS-filtering gets temporarily disabled, typically forever.
So definitely requires a semi-technical person to maintain complex lists... my home network features separate PiHoles: one is default issued, via DHCP (with minimal blocklist), primarily for guests/IoT/fallback; the second filter is manually-configured as DNS on only my devices (it breaks just about anything I haven't whitelisted).
This allows a third option, which has users manually entering their router IP as DNS (bypassing all PiHoles, relying upon ISP's upstream DNS resolution)... but if you don't manually set a DNS, the DHCP still resolves to a minimal seven-rule blocklist.
----
There is apparently a method of using pfsense to capture all network DNS requests and then run them through a default local resolver... but I found it easier to just use DHCP to issue local DNS IP (am only semi-technical, myself).
Very similarly, I use NextDNS, with all the filters enabled except few exceptions that I manually add.
It's basically like a Raspberry Pi hole; but on cloud, very easy to configure and with so many options and ready-to-use blocklists. It's free up to 3 million queries a month.
On Android there a gotchya - google play services is capable of acting as a
transparent proxy so remember you MUST also disables google services framework / play services internet access to truly block some apps from using the web (I learned this when a webcam app 'icsee' bypassed the VPN firewall by using play services proxy network access.
There is a bug in older android which allows data to leak past the VPN while the device is starting and if you disable/enable the VPN connection mid connection.
Facebook appears to have a caching component as it will send a large databurst when it's connection is restored.
Here's a typical article but the reason firewall isn't standard is you won't get ads and that juicy data stream stops. You will find some apps punish you for restrictions to their internet - learn which ones and uninstall them.
https://www.airdroid.com/mdm/android-firewall-settings/
Obviously if you're not competent or are lazy with whitelisting apps when you need them to use the internet and then disabling it again this will be unhelpful to you; continue to feed the machine.