Firewall Reject takes relatively long - normal?

To block https domains, I added a rule to my iptables/ufw to reject 443. My problem is that rejecting takes relatively long, so it still takes 2-3 seconds until ERR_CONNECTION_REFUSED appears. Is that normal or can I somehow decrease these times?

I'm curious whether you had any specific browsing issue that you were trying to fix?

I don't exactly know what you mean.
My previous problem was that https domains only timed out instead of getting refused, which took like 10 seconds or more per domain. So websites took very long to load.
I fixed this by rejecting port 443 with my firewall, so that the https domains get refused instead of waiting for timeout.
This is working fine now, but the time before the browser realises that the domain is refused is still kinda high (2-3 seconds) and it would be awesome if this whole process could happen in a few milliseconds.
Now I want to know how to increase this process. :smiley:
I hope I could explain somehow clear what I want. haha.
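One way to measure the refusal delay outside the browser (an added example, not code from this thread): resolve the blocked hostname through the system resolver, attempt a TCP connect to every address it returns, IPv4 and IPv6 alike, and record whether each attempt is accepted, refused (a REJECT rule or closed port) or times out (a DROP rule or black hole), with the elapsed milliseconds. The hostname and port on the command line are the only assumptions; a slow result on one address family alone points at that path rather than at the reject rule itself.

```python
"""Time how quickly a TCP connect to a blocked HTTPS host is refused."""
import errno
import socket
import sys
import time


def probe(addr_info, timeout=5.0):
    """One TCP connect to (family, sockaddr); return (outcome, elapsed_ms)."""
    family, sockaddr = addr_info
    start = time.monotonic()
    sock = socket.socket(family, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect(sockaddr)
        outcome = "accepted"          # handshake completed: nothing blocked it
    except socket.timeout:
        outcome = "timeout"           # SYN silently dropped (DROP rule / black hole)
    except ConnectionRefusedError:
        outcome = "refused"           # RST or ICMP port-unreachable (REJECT rule)
    except OSError as exc:            # e.g. EHOSTUNREACH, ENETUNREACH
        outcome = "error:%s" % errno.errorcode.get(exc.errno, exc.errno)
    finally:
        sock.close()
    return outcome, round((time.monotonic() - start) * 1000, 1)


def probe_host(host, port=443, timeout=5.0):
    """Resolve host and probe every returned address; list of result dicts."""
    results = []
    for family, _, _, _, sockaddr in socket.getaddrinfo(
            host, port, type=socket.SOCK_STREAM):
        outcome, ms = probe((family, sockaddr), timeout)
        results.append({
            "family": "IPv6" if family == socket.AF_INET6 else "IPv4",
            "address": sockaddr[0], "outcome": outcome, "ms": ms})
    return results


if __name__ == "__main__":
    # Usage: python probe.py blocked.example 443   (hostname is a placeholder)
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    for r in probe_host(target, target_port):
        print("%-4s %-40s %-10s %8.1f ms"
              % (r["family"], r["address"], r["outcome"], r["ms"]))
```

Run it once with the default resolver and once with a different DNS server configured on the device to separate resolver delay from the firewall's reject.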

Perhaps it's IPv6?

I already enabled ULA.

How's the ping on both IPv4 and IPv6?

Ping gives out "<1ms" for both IPv4 and 6.

I just discovered that I can reach my RasPi with two IPv6 addresses. Is that "okay"? :smiley:

Yes, multiple IPv6 addresses are part of how that system works. Try using Chrome's dev tools to profile the page request (look under the network tab and click on the page request, then timing tab).

That's what I get from that. The page definitely takes longer than 115ms till it arrives. :thinking:

Hm, that looks like your browser is stalling for 100ms and then the query takes 15ms. Are you running any extensions? Try that check a few more times to see if it always stalls for ~100ms, or if it's more random. That time might be the time till first byte, so the PHP backend would still be processing and generating the page.

I tested it in Chrome, Vivaldi and ChromiumPortable. All of them are based on Chromium, all the same results. Also tested it with a clean Firefox install, takes even longer with Firefox.
Also tested it on my smartphone, there the connection refuses almost instantly in every browser. :confused:

Can you please share the site where the delay happens?

Basically on any https site that is blocked in pi-hole.
I tried it with:

If you're getting similar results (stalling for ~100ms or more) and only on that one device, then I'd assume the device is having some issue resolving DNS. If you change the DNS on that device to something else, does it have the same problem?

The Chrome documentation specifies this about the "Stalled" phase:

  • There are higher priority requests.
  • There are already six TCP connections open for this origin, which is the limit. Applies to HTTP/1.0 and HTTP/1.1 only.
  • The browser is briefly allocating space in the disk cache

Here's a site I use to benchmark loading because there are many https ads. For me the worst case is it takes ~20-30 secs each time a page completes loading. This site https://is.gd/r7iEwG