🛡️ Security Report

Friday, June 26, 2026 — 22:00 ICT

💻 System Health

44G/473G
Disk Used
1.8Gi/30Gi
Memory (6%)
1.60, 1.72, 2.07
Load Average
2 weeks, 1 day, 10 hours, 31 minutes
Uptime

Fail2ban: active  ·  UFW Blocks (24h): 26,203

📡 Open Ports

✓ ufw-docker active Docker ports on 0.0.0.0 are blocked from external access

Cross-referenced with Docker port mappings and UFW rules

Local AddressServiceType
100.80.139.9:8000docker-proxy Docker internal
10.0.1.1:22sshd
0.0.0.0:443docker-proxy Docker 0.0.0.0 (ufw-docker blocked)
0.0.0.0:80docker-proxy Docker 0.0.0.0 (ufw-docker blocked)
100.80.139.9:6002docker-proxy Docker internal
100.80.139.9:6001docker-proxy Docker internal
127.0.0.1:22sshd loopback
100.80.139.9:36486tailscaled Tailscale
127.0.0.1:8000docker-proxy loopback
127.0.0.1:24543moshi-hook loopback
127.0.0.1:6012cloudflared loopback
0.0.0.0:8080docker-proxy Docker 0.0.0.0 (ufw-docker blocked)
127.0.0.54:53systemd-resolve
100.80.139.9:22sshd Tailscale
127.0.0.53%lo:53systemd-resolve
10.0.0.1:22sshd
100.80.139.9:8443tailscaled Tailscale
[::]:443docker-proxy Docker internal
[::]:80docker-proxy Docker internal
[fd7a:115c:a1e0::533b:8b09]:22sshd Tailscale
[::]:8080docker-proxy Docker internal
[fd7a:115c:a1e0::533b:8b09]:8443tailscaled Tailscale
[fd7a:115c:a1e0::533b:8b09]:43591tailscaled Tailscale

🔥 Firewall (UFW)

Status: active

To                         Action      From
--                         ------      ----
41641/udp                  ALLOW       Anywhere                  
22/tcp on tailscale0       ALLOW       Anywhere                   # SSH via Tailscale only
Anywhere on tailscale0     ALLOW       Anywhere                  
60000:61000/udp on tailscale0 ALLOW       Anywhere                   # Mosh via Tailscale
22/tcp on docker0          ALLOW       Anywhere                  
41642/udp                  ALLOW       Anywhere                   # Tailscale peer relay
41641/udp (v6)             ALLOW       Anywhere (v6)             
22/tcp (v6) on tailscale0  ALLOW       Anywhere (v6)              # SSH via Tailscale only
Anywhere (v6) on tailscale0 ALLOW       Anywhere (v6)             
60000:61000/udp (v6) on tailscale0 ALLOW       Anywhere (v6)              # Mosh via Tailscale
22/tcp (v6) on docker0     ALLOW       Anywhere (v6)             
41642/udp (v6)             ALLOW       Anywhere (v6)              # Tailscale peer relay

🔐 SSH Activity

0
Failed Attempts (24h)
9497
New Sessions (24h)

🔒 Tailscale SSH Logins (last 10)

TimeIPHostTailscale UserNode
06/26 12:13100.95.106.126iphoneairtagged-devicesiphoneair
06/26 12:14100.95.106.126iphoneairtagged-devicesiphoneair

🔑 Other SSH Logins (last 10)

TimeIPHostPort
06/26 21:0110.0.0.210.0.0.252592
06/26 21:0710.0.0.210.0.0.255678
06/26 21:1310.0.0.210.0.0.241534
06/26 21:1910.0.0.210.0.0.244232
06/26 21:2510.0.0.210.0.0.237628
06/26 21:3110.0.0.210.0.0.240120
06/26 21:3710.0.0.210.0.0.257722
06/26 21:4310.0.0.210.0.0.239960
06/26 21:4910.0.0.210.0.0.250316
06/26 21:5510.0.0.210.0.0.258994

🔍 Processes

⚠ High CPU (>50%)

UserPIDCPUCommand
9999351818464.0%/usr/local/bin/php

✓ No high memory processes

🌐 Tailscale

13/15 peers online

NodeOSIPStatus
ssdnode this machinelinux100.80.139.9✓ Online
appletvtvOS100.108.161.6✓ Online
boxlinux100.86.226.66✓ Online
contabolinux100.111.135.6✓ Online
glkvmlinux100.123.198.85✓ Online
hkrouterlinux100.66.31.7✓ Online
ipad13tviOS100.117.146.121✓ Online
ipadproiOS100.65.224.43✓ Online
iphone-14-pro-maxiOS100.92.136.103✓ Online
iphoneairiOS100.95.106.126✓ Online
kitailinux100.97.4.90✓ Online
kits-macbook-airmacOS100.127.101.27✓ Online
kits-macbook-pro-9h4ymacOS100.123.239.87✓ Online
tencentlinux100.109.227.19✓ Online
kitlegiongowindows100.67.231.89✗ Offline
mobilerouterlinux100.127.101.21✗ Offline

🐣 Docker

✓ No TCP daemon exposure

ContainerStatusPorts
coolify-sentinelUp 5 days (healthy)
so13t9jiakgbyzwp863dmvzu-103035573499Up 5 days3000/tcp
lijg3ncf0yp8on32jagmeg0yUp 5 days (healthy)5432/tcp
lkn2msiqhoymcuyaa64cnazj-065012572847Up 5 days3000/tcp
ithh2dbx1jyjl6dejr3mre1kUp 5 days (healthy)5432/tcp
enthri8p43s4atofatobcunp-232449789422Up 5 days3000/tcp
coolifyUp 5 days (healthy)8000/tcp, 8443/tcp, 9000/tcp, 100.80.139.9:8000->8080/tcp, 127.0.0.1:8000->8080/tcp
coolify-proxyUp 5 days (healthy)0.0.0.0:80->80/tcp, [::]:80->80/tcp, 0.0.0.0:443->443/tcp, [::]:443->443/tcp, 0.0.0.0:8080->8080/tcp, [::]:8080->8080/tcp, 0.0.0.0:443->443/udp, [::]:443->443/udp
coolify-realtimeUp 5 days (healthy)100.80.139.9:6001-6002->6001-6002/tcp
coolify-dbUp 5 days (healthy)5432/tcp
coolify-redisUp 5 days (healthy)6379/tcp

🚫 UFW Block Details (24h)

Top Source IPs

6912 10.0.0.3
   3940 10.0.0.2
    944 2
    793 2001
    404 69.4.83.194
    275 79.124.62.230
    260 79.124.62.134
    194 79.124.62.126
    141 2604
    127 185.150.191.236

Top Targeted Ports

6968 8000
   3940 23517
    882 23
    290 2221
    178 3389
    147 22
     99 8443
     66 1433
     60 2087
     59 8888

☁️ Cloudflare Tunnel

Uptime: Thu 2026-06-11 04:29:24 UTC · 0 domains routed

4
HA Connections
4
Edge Locations
488
Request Errors
0
Active Sessions

Edges: sin07, sin16, sin17, sin21

DomainStatus

⚠ Attack Attempts (7d) 45

TypeCount
App probe23
Other19
AWS credential probe2
Path traversal1

📋 Report History