Frame challenge: that isn't realistic.
Ubuntu (and Linux in general) is not Windows. So when looking at a specific type of attack, double-check that it would be applicable to Linux and not just Windows. But... you still asked the question, and let's say you want to do it regardless.
But... you still asked the question, and let's say you want to do it regardless of that.
Also, the phrase "ban access" implies "everyone on that computer". For redirecting, you'd need a proxy (which is beyond the scope of this answer).
So let's head back to blocking. Imagine you have a page someone on your PC tries to visit, say, https://example.zip. Your computer needs to turn that domain into an IP address as part of "accessing" that website. It does this via DNS. Ok, you go and point your system DNS resolver at some other DNS resolver that doesn't resolve that TLD. It seems like you're done. You may need to flush a cache, depending on your system, but it should be blocked... or... not?
Turns out, some browsers, including Firefox have their own way of doing DNS resolving. While it can be disabled, note that users can likely go change the DNS settings in Firefox to something other than what you want (causing that TLD to function for them again).
By the way, you didn't specify browsers. From the CLI, apps can theoretically just query whatever DNS server they feel like. It is (often) bad-practice. But don't expect just changing your DNS server to stop a determined user/program from evading your TLD ban.
So, you'll need to be somewhat more clear about what you actually need
- Why do you want to ban it? More specifically, what threat are you trying to protect against?
- Are users on the machine willing to mess with browser DNS settings, potentially un-doing your changes? That will make blocking it way harder
- Is there some other way to accomplish what you're going for?
This isn't to say it is flat-out impossible. But, there are a lot of complications with trying to all-out ban a TLD on your machine.
