🛡️ Security Report

Sunday, June 21, 2026 — 22:00 ICT

💻 System Health

47G/473G
Disk Used
1.5Gi/30Gi
Memory (5%)
3.28, 1.84, 1.55
Load Average
1 week, 3 days, 10 hours, 31 minutes
Uptime

Fail2ban: active  ·  UFW Blocks (24h): 2,925

📡 Open Ports

✓ ufw-docker active Docker ports on 0.0.0.0 are blocked from external access

Cross-referenced with Docker port mappings and UFW rules

Local AddressServiceType
100.80.139.9:8000docker-proxy Docker internal
10.0.1.1:22sshd
0.0.0.0:443docker-proxy Docker 0.0.0.0 (ufw-docker blocked)
0.0.0.0:80docker-proxy Docker 0.0.0.0 (ufw-docker blocked)
100.80.139.9:6002docker-proxy Docker internal
100.80.139.9:6001docker-proxy Docker internal
127.0.0.1:22sshd loopback
100.80.139.9:36486tailscaled Tailscale
127.0.0.1:8000docker-proxy loopback
127.0.0.1:24543moshi-hook loopback
127.0.0.1:6012cloudflared loopback
0.0.0.0:8080docker-proxy Docker 0.0.0.0 (ufw-docker blocked)
127.0.0.54:53systemd-resolve
100.80.139.9:22sshd Tailscale
127.0.0.53%lo:53systemd-resolve
10.0.0.1:22sshd
100.80.139.9:8443tailscaled Tailscale
[::]:443docker-proxy Docker internal
[::]:80docker-proxy Docker internal
[fd7a:115c:a1e0::533b:8b09]:22sshd Tailscale
[::]:8080docker-proxy Docker internal
[fd7a:115c:a1e0::533b:8b09]:8443tailscaled Tailscale
[fd7a:115c:a1e0::533b:8b09]:43591tailscaled Tailscale

🔥 Firewall (UFW)

Status: active

To                         Action      From
--                         ------      ----
41641/udp                  ALLOW       Anywhere                  
22/tcp on tailscale0       ALLOW       Anywhere                   # SSH via Tailscale only
Anywhere on tailscale0     ALLOW       Anywhere                  
60000:61000/udp on tailscale0 ALLOW       Anywhere                   # Mosh via Tailscale
22/tcp on docker0          ALLOW       Anywhere                  
41641/udp (v6)             ALLOW       Anywhere (v6)             
22/tcp (v6) on tailscale0  ALLOW       Anywhere (v6)              # SSH via Tailscale only
Anywhere (v6) on tailscale0 ALLOW       Anywhere (v6)             
60000:61000/udp (v6) on tailscale0 ALLOW       Anywhere (v6)              # Mosh via Tailscale
22/tcp (v6) on docker0     ALLOW       Anywhere (v6)

🔐 SSH Activity

0
Failed Attempts (24h)
1015
New Sessions (24h)

🔒 Tailscale SSH Logins (last 10)

TimeIPHostTailscale UserNode
06/21 12:08100.117.146.121ipad13tvtagged-devicesipad13tv
06/21 12:09100.117.146.121ipad13tvtagged-devicesipad13tv

🔑 Other SSH Logins (last 10)

TimeIPHostPort
06/21 21:0110.0.0.210.0.0.244806
06/21 21:0710.0.0.210.0.0.233196
06/21 21:1310.0.0.210.0.0.251616
06/21 21:1910.0.0.210.0.0.249832
06/21 21:2510.0.0.210.0.0.233382
06/21 21:3110.0.0.210.0.0.251350
06/21 21:3710.0.0.210.0.0.241068
06/21 21:4310.0.0.210.0.0.238850
06/21 21:4910.0.0.210.0.0.237170
06/21 21:5510.0.0.210.0.0.245846

🔍 Processes

⚠ High CPU (>50%)

UserPIDCPUCommand
999914318867.9%/usr/local/bin/php
999914323660.9%/usr/local/bin/php

✓ No high memory processes

🌐 Tailscale

11/15 peers online

NodeOSIPStatus
ssdnode this machinelinux100.80.139.9✓ Online
boxlinux100.86.226.66✓ Online
contabolinux100.111.135.6✓ Online
glkvmlinux100.123.198.85✓ Online
hkrouterlinux100.66.31.7✓ Online
ipad13tviOS100.117.146.121✓ Online
ipadproiOS100.65.224.43✓ Online
iphoneairiOS100.95.106.126✓ Online
kitailinux100.97.4.90✓ Online
kits-macbook-airmacOS100.127.101.27✓ Online
kits-macbook-pro-9h4ymacOS100.123.239.87✓ Online
tencentlinux100.109.227.19✓ Online
appletvtvOS100.108.161.6✗ Offline
iphone-14-pro-maxiOS100.92.136.103✗ Offline
kitlegiongowindows100.67.231.89✗ Offline
mobilerouterlinux100.127.101.21✗ Offline

🐣 Docker

✓ No TCP daemon exposure

ContainerStatusPorts
coolify-sentinelUp 12 hours (healthy)
so13t9jiakgbyzwp863dmvzu-103035573499Up 12 hours3000/tcp
lijg3ncf0yp8on32jagmeg0yUp 12 hours (healthy)5432/tcp
lkn2msiqhoymcuyaa64cnazj-065012572847Up 12 hours3000/tcp
ithh2dbx1jyjl6dejr3mre1kUp 12 hours (healthy)5432/tcp
enthri8p43s4atofatobcunp-232449789422Up 12 hours3000/tcp
coolifyUp 12 hours (healthy)8000/tcp, 8443/tcp, 9000/tcp, 100.80.139.9:8000->8080/tcp, 127.0.0.1:8000->8080/tcp
coolify-proxyUp 12 hours (healthy)0.0.0.0:80->80/tcp, [::]:80->80/tcp, 0.0.0.0:443->443/tcp, [::]:443->443/tcp, 0.0.0.0:8080->8080/tcp, [::]:8080->8080/tcp, 0.0.0.0:443->443/udp, [::]:443->443/udp
coolify-realtimeUp 12 hours (healthy)100.80.139.9:6001-6002->6001-6002/tcp
coolify-dbUp 12 hours (healthy)5432/tcp
coolify-redisUp 12 hours (healthy)6379/tcp

🚫 UFW Block Details (24h)

Top Source IPs

843 10.0.0.3
    399 10.0.0.2
    131 2604
    117 2001
     89 2
     47 2607
     18 79.124.62.230
     14 79.124.62.134
     12 212.73.148.7
     12 185.150.191.236

Top Targeted Ports

847 8000
    399 23517
     45 2221
     23 23
     20 3389
     15 8443
     10 22
      8 8888
      8 5555
      8 5000

☁️ Cloudflare Tunnel

Uptime: Thu 2026-06-11 04:29:24 UTC · 0 domains routed

4
HA Connections
3
Edge Locations
468
Request Errors
0
Active Sessions

Edges: sin11, sin15, sin16

DomainStatus

⚠ Attack Attempts (7d) 464

TypeCount
Other413
App probe26
AWS credential probe25

📋 Report History