AI Detection · v4.2 now live

Block threats at the resolver,
before they reach your network.

olladns protects every device — on-network, roaming, or remote — with AI-driven DNS filtering. Catch phishing, malware C2, and zero-day domains in milliseconds.

Start free 14-day trial See live demo
99.999% resolver uptime
SOC 2 Type II · ISO 27001
4ms average latency
console.olladns.com/overview
olladns
MONITOR
Overview
Query Loglive
Threats
AI Detection
CONFIGURE
Policies
Categories
Block / Allow
Queries 24h
14.2M
Blocked
412.8K
Threats
1,284
Latency
4.1ms
DNS activity · 24h
live
10:0014:0018:0022:0002:0006:00now
Recent threats
AI
09:42:18blocklogin-microsoft-secure.cfPhishing
09:41:02blockc2-server-relay.icuC&C
09:39:55blockpaypal-verify-update.topPhishing
09:38:12blockcrypt0-mining-pool.clickCryptomining
Trusted by 4,200+ security teams worldwide
NORTHWIND
contoso.
/// ATLAS
Stratus⌁
Bramble & Co.
⌬ HELIX
Vector*
QUANTA
redoak⏧
PARALLEL
Meridian
Iris/IO
Why olladns

DNS-layer security is your first & cheapest line of defense.

Most threats start with a DNS lookup. Stop them there — before traffic ever reaches the device — and you neutralize phishing, ransomware, and exfiltration in one move.

AI catches what feeds miss

Five specialized ML models score every lookup for phishing lookalikes, DGAs, and newly-registered domains. We block zero-days an average of 14 hours before threat feeds add them.

Global anycast resolvers

43 POPs across 6 continents. Average resolve time 4.1ms. Users feel nothing — except the absence of bad sites.

Anywhere protection

Roaming clients for macOS, Windows, iOS, Android, ChromeOS & Linux. Same policy on the office Wi-Fi, the airport, or your kid’s school laptop.

Forensic-grade visibility

Every query logged with device, user, category, and verdict. Stream to your SIEM, search 90 days hot, and export evidence in two clicks.

Policy mapped to identity

Sync from Entra ID, Okta, or Google Workspace. Different rules for engineering, finance, guests — applied by user, not by IP.

SIEM & MDM-native

Splunk, Sentinel, Datadog, Jamf, Intune — connected in minutes. olladns slots into the stack you already operate.

182B
Queries resolved per month
5.6M
Malicious domains blocked daily
4.1ms
Average resolve latency
99.999%
Resolver uptime (12mo)
How it works

Live in 15 minutes. Protecting in seconds.

Point your DNS

Set your network resolvers to olladns anycast IPs, or push our roaming client via MDM. No new agents, no traffic mirroring.

primary    76.76.21.21
secondary  76.76.22.22

Pick a policy

Start with our security-first defaults — phishing, malware, C2, cryptomining blocked. Tune categories and lists later, per-site or per-group.

Watch it work

Real-time query log shows every lookup, every block, every threat. Stream to your SIEM and let AI Detection handle the noise.

AI Detection

Catches zero-day threats your feeds don’t know exist yet.

Five models, scoring every lookup in parallel. Newly-registered domain pretending to be your bank? Caught. Algorithmically-generated C2 host? Caught. Typosquat of your SaaS login? Caught.

  • 712 confirmed-malicious catches per day, on average
  • 0.04% false positive rate
  • Detection-to-block latency under 3 seconds
Explore AI Detection
/ai-detection
AI · v4.2 login-microsoft-secure.cf BLOCKED
Confidence96%
Signals
newly registered · 4h lookalike brand DGA-like ngram cert chain anomaly
Models active
5 / 5
Caught today
744
/query-log
streaming 2,841 events / sec
09:42:18allowcdn.cloudflare.comProductivity
09:42:18blocktracker.advert-net.ioAdvertising
09:42:17allowapi.github.comProductivity
09:42:17blockc2-server-relay.icuC&C
09:42:16allowslack.comProductivity
09:42:16allowfigma.comProductivity
09:42:15blockcrypt0-mining-pool.clickCryptomining
Query Log

Every lookup. Every device. Live.

A streaming, searchable record of every DNS query on your network. Filter by domain, device, user, category, country, verdict — then click any row to see exactly why it was allowed or blocked.

  • 90 days of hot retention, 13 months cold
  • Streams to Splunk, Sentinel, Datadog & S3
  • Audit-ready CSV / JSONL export
See the Query Log

olladns replaced four scripts, three feeds, and an aging on-prem appliance. Our SOC catches roughly twice the phishing it did six months ago — and the false-positive triage is finally a non-event.

Priya Sharma
Director of Security · Northwind Labs
12,402
malicious blocks/day
−68%
phishing click-through
3.4 hrs
to deploy across 14 sites
$220K
annual stack consolidation

Spin up olladns in 15 minutes.
See blocks in your first hour.

Free 14-day trial. Full feature access. No credit card. Your existing DNS keeps working until you switch.

Start free trial View pricing