NextDNS · home network security threats
6 JUNE 2026 · window -24h
At a glance
- ✅ GREEN — 0 security-category blocks in the last 24h
- Threshold: 0 green · 1-4 amber · 5+ red
- Source: NextDNS Analytics API · profile PA
Why this matters
The security suite (AI threat detection, threat-intel feeds, Google Safe Browsing, cryptojacking, DNS rebinding, IDN homographs, typosquatting, DGA, NRD, parking, CSAM) catches DNS queries that match known-bad indicators. A non-zero count means a device on the home network tried to resolve a domain on a security list — worth investigating which device and which domain to confirm whether the block was protective (great) or a false-positive on legitimate use.
Privacy blocks (ads/trackers/social-media filters) are not counted here — they’re high-volume by design and noise-up the signal.
Security-category breakdown
No security-category blocks in this window.
Top devices in the window
| Device | Queries |
|---|---|
unidentified (__UNIDENTIFIED__) |
106,193 |
| Apple TV Upstairs | 41,923 |
| Audrey iMac M1 | 12,374 |
| iPhone 13 Pro | 11,192 |
| Lounge TV | 4,794 |
| dans-macbook-14–pro | 258 |
| iphone-13-pro-max | 44 |
| Dan’s M2 | 26 |
| vm-asia-gcp | 16 |
What to do next
- Open the NextDNS log: https://my.nextdns.io/9bb389/logs
- Filter to the security category that fired (e.g. Threat Intel Feeds)
- For each blocked query, identify: which device, which domain, what was running at the time
- Decision: keep block (real threat caught) · allowlist (false positive) · investigate device (malware/compromised app)
Generated by dare_nextdns_audit.py --check security