🛡️ Security Report

Sunday, June 28, 2026 — 22:00 ICT

💻 System Health

47G/473G
Disk Used
1.6Gi/30Gi
Memory (5%)
4.53, 2.90, 2.24
Load Average
2 weeks, 3 days, 10 hours, 31 minutes
Uptime

Fail2ban: active  ·  UFW Blocks (24h): 2,957

📡 Open Ports

✓ ufw-docker active Docker ports on 0.0.0.0 are blocked from external access

Cross-referenced with Docker port mappings and UFW rules

Local AddressServiceType
100.80.139.9:8000docker-proxy Docker internal
10.0.1.1:22sshd
0.0.0.0:443docker-proxy Docker 0.0.0.0 (ufw-docker blocked)
0.0.0.0:80docker-proxy Docker 0.0.0.0 (ufw-docker blocked)
100.80.139.9:6002docker-proxy Docker internal
100.80.139.9:6001docker-proxy Docker internal
127.0.0.1:22sshd loopback
100.80.139.9:36486tailscaled Tailscale
127.0.0.1:8000docker-proxy loopback
127.0.0.1:24543moshi-hook loopback
127.0.0.1:6012cloudflared loopback
0.0.0.0:8080docker-proxy Docker 0.0.0.0 (ufw-docker blocked)
127.0.0.54:53systemd-resolve
100.80.139.9:22sshd Tailscale
127.0.0.53%lo:53systemd-resolve
10.0.0.1:22sshd
100.80.139.9:8443tailscaled Tailscale
[::]:443docker-proxy Docker internal
[::]:80docker-proxy Docker internal
[fd7a:115c:a1e0::533b:8b09]:22sshd Tailscale
[::]:8080docker-proxy Docker internal
[fd7a:115c:a1e0::533b:8b09]:8443tailscaled Tailscale
[fd7a:115c:a1e0::533b:8b09]:43591tailscaled Tailscale

🔥 Firewall (UFW)

Status: active

To                         Action      From
--                         ------      ----
41641/udp                  ALLOW       Anywhere                  
22/tcp on tailscale0       ALLOW       Anywhere                   # SSH via Tailscale only
Anywhere on tailscale0     ALLOW       Anywhere                  
60000:61000/udp on tailscale0 ALLOW       Anywhere                   # Mosh via Tailscale
22/tcp on docker0          ALLOW       Anywhere                  
41642/udp                  ALLOW       Anywhere                   # Tailscale peer relay
41641/udp (v6)             ALLOW       Anywhere (v6)             
22/tcp (v6) on tailscale0  ALLOW       Anywhere (v6)              # SSH via Tailscale only
Anywhere (v6) on tailscale0 ALLOW       Anywhere (v6)             
60000:61000/udp (v6) on tailscale0 ALLOW       Anywhere (v6)              # Mosh via Tailscale
22/tcp (v6) on docker0     ALLOW       Anywhere (v6)             
41642/udp (v6)             ALLOW       Anywhere (v6)              # Tailscale peer relay

🔐 SSH Activity

0
Failed Attempts (24h)
1034
New Sessions (24h)

🔑 Other SSH Logins (last 10)

TimeIPHostPort
06/28 21:0110.0.0.210.0.0.235148
06/28 21:0710.0.0.210.0.0.239588
06/28 21:1310.0.0.210.0.0.255710
06/28 21:1910.0.0.210.0.0.251608
06/28 21:2510.0.0.210.0.0.240734
06/28 21:3110.0.0.210.0.0.246184
06/28 21:3710.0.0.210.0.0.233202
06/28 21:4310.0.0.210.0.0.244210
06/28 21:4910.0.0.210.0.0.247386
06/28 21:5510.0.0.210.0.0.245186

🔍 Processes

⚠ High CPU (>50%)

UserPIDCPUCommand
99994093961121%/usr/local/bin/php
9999409381455.1%/usr/local/bin/php

✓ No high memory processes

🌐 Tailscale

12/15 peers online

NodeOSIPStatus
ssdnode this machinelinux100.80.139.9✓ Online
appletvtvOS100.108.161.6✓ Online
boxlinux100.86.226.66✓ Online
contabolinux100.111.135.6✓ Online
glkvmlinux100.123.198.85✓ Online
hkrouterlinux100.66.31.7✓ Online
ipad13tviOS100.117.146.121✓ Online
ipadproiOS100.65.224.43✓ Online
iphoneairiOS100.95.106.126✓ Online
kitailinux100.97.4.90✓ Online
kits-macbook-airmacOS100.127.101.27✓ Online
kits-macbook-pro-9h4ymacOS100.123.239.87✓ Online
tencentlinux100.109.227.19✓ Online
iphone-14-pro-maxiOS100.92.136.103✗ Offline
kitlegiongowindows100.67.231.89✗ Offline
mobilerouterlinux100.127.101.21✗ Offline

🐣 Docker

✓ No TCP daemon exposure

ContainerStatusPorts
coolify-sentinelUp 7 days (healthy)
so13t9jiakgbyzwp863dmvzu-103035573499Up 7 days3000/tcp
lijg3ncf0yp8on32jagmeg0yUp 7 days (healthy)5432/tcp
lkn2msiqhoymcuyaa64cnazj-065012572847Up 7 days3000/tcp
ithh2dbx1jyjl6dejr3mre1kUp 7 days (healthy)5432/tcp
enthri8p43s4atofatobcunp-232449789422Up 7 days3000/tcp
coolifyUp 7 days (healthy)8000/tcp, 8443/tcp, 9000/tcp, 100.80.139.9:8000->8080/tcp, 127.0.0.1:8000->8080/tcp
coolify-proxyUp 7 days (healthy)0.0.0.0:80->80/tcp, [::]:80->80/tcp, 0.0.0.0:443->443/tcp, [::]:443->443/tcp, 0.0.0.0:8080->8080/tcp, [::]:8080->8080/tcp, 0.0.0.0:443->443/udp, [::]:443->443/udp
coolify-realtimeUp 7 days (healthy)100.80.139.9:6001-6002->6001-6002/tcp
coolify-dbUp 7 days (healthy)5432/tcp
coolify-redisUp 7 days (healthy)6379/tcp

🚫 UFW Block Details (24h)

Top Source IPs

698 10.0.0.3
    407 10.0.0.2
    133 193.46.255.155
    127 2001
    103 2
     74 79.124.62.230
     57 216.180.246.90
     56 2607
     48 79.124.62.134
     47 79.124.62.126

Top Targeted Ports

705 8000
    407 23517
     19 2221
     16 22
     14 3389
     14 23
     10 88
      7 9090
      7 5060
      6 8888

☁️ Cloudflare Tunnel

Uptime: Thu 2026-06-11 04:29:24 UTC · 0 domains routed

4
HA Connections
4
Edge Locations
495
Request Errors
0
Active Sessions

Edges: sin07, sin16, sin17, sin21

DomainStatus

⚠ Attack Attempts (7d) 27

TypeCount
Other20
AWS credential probe3
Path traversal2
App probe2

📋 Report History