NextDNS · home network security threats
13 JUNE 2026 · window -24h
At a glance
- ✅ GREEN — 0 security-category blocks in the last 24h
- Threshold: 0 green · 1-4 amber · 5+ red
- Source: NextDNS Analytics API · profile PA
Why this matters
The security suite (AI threat detection, threat-intel feeds, Google Safe Browsing, cryptojacking, DNS rebinding, IDN homographs, typosquatting, DGA, NRD, parking, CSAM) catches DNS queries that match known-bad indicators. A non-zero count means a device on the home network tried to resolve a domain on a security list — worth investigating which device and which domain to confirm whether the block was protective (great) or a false-positive on legitimate use.
Privacy blocks (ads/trackers/social-media filters) are not counted here — they’re high-volume by design and noise-up the signal.
Security-category breakdown
No security-category blocks in this window.
Top devices in the window
| Device | Queries |
|---|---|
unidentified (__UNIDENTIFIED__) |
74,940 |
| Apple TV Upstairs | 51,795 |
| Dan’s MacBook 14” Pro | 26,261 |
| Audrey iMac M1 | 11,974 |
| iPhone 13 Pro | 11,288 |
| Lounge TV | 2,781 |
| Dan’s M2 | 42 |
What to do next
- Open the NextDNS log: https://my.nextdns.io/9bb389/logs
- Filter to the security category that fired (e.g. Threat Intel Feeds)
- For each blocked query, identify: which device, which domain, what was running at the time
- Decision: keep block (real threat caught) · allowlist (false positive) · investigate device (malware/compromised app)
Generated by dare_nextdns_audit.py --check security