<tr><td>07-06-2022 17:58:54 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(79) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'ssmtcalendar'&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:58:54 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(74) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%ssmtcalendar%'&quot;
  [1]=&gt;
  string(12) &quot;ssmtcalendar&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:58:54 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;309&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:58:54 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;309&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:57:03 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(79) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'ssmtcalendar'&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:57:03 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(74) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%ssmtcalendar%'&quot;
  [1]=&gt;
  string(12) &quot;ssmtcalendar&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:57:03 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;308&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:57:03 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;308&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:56:35 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(79) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'ssmtcalendar'&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:56:35 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(74) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%ssmtcalendar%'&quot;
  [1]=&gt;
  string(12) &quot;ssmtcalendar&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:56:35 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;307&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:56:35 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;307&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:46:05 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(70) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'tes'&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:46:05 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(65) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%tes%'&quot;
  [1]=&gt;
  string(3) &quot;tes&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:46:05 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;306&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:46:05 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;306&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:45:59 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;WJR6JTZC4OVMFBPZ&quot;
  [2]=&gt;
  string(127) &quot; , `username` = 'tes', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;306&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:45:59 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;306&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:45:46 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(3) &quot;tes&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;ed51562a977dac44c3f11d455f6950ee5e5270b5&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654616746)
    [&quot;regtime&quot;]=&gt;
    int(1654616746)
    [&quot;key&quot;]=&gt;
    string(16) &quot;WJR6JTZC4OVMFBPZ&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 17:40:50 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(69) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'yr'&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:40:50 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(64) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%yr%'&quot;
  [1]=&gt;
  string(2) &quot;yr&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:40:50 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;305&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:40:50 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;305&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:39:18 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(2) &quot;yr&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;0105843222fb196285749e81e2acde8efddc5035&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654616358)
    [&quot;regtime&quot;]=&gt;
    int(1654616358)
    [&quot;key&quot;]=&gt;
    string(16) &quot;ZDC5OQ7ZZ3RIJ3DW&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 17:38:37 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(71) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'yrdy'&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:38:37 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(66) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%yrdy%'&quot;
  [1]=&gt;
  string(4) &quot;yrdy&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:38:37 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;304&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:38:37 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;304&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:38:31 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(4) &quot;yrdy&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;de1c3b273054a2218607f99e6cf7bd2dce6cf70c&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654616311)
    [&quot;regtime&quot;]=&gt;
    int(1654616311)
    [&quot;key&quot;]=&gt;
    string(16) &quot;DQ6BHQ3LO2CLJF6V&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 17:37:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(71) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'test'&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:37:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(66) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%test%'&quot;
  [1]=&gt;
  string(4) &quot;test&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:37:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;303&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:37:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;303&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:37:07 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(4) &quot;test&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;15d2956bcdfa54c0a45db60964374a7381c09323&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654616227)
    [&quot;regtime&quot;]=&gt;
    int(1654616227)
    [&quot;key&quot;]=&gt;
    string(16) &quot;SJ4QTNEY4QJHMVVL&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 17:23:48 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(71) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'test'&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:23:48 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(66) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%test%'&quot;
  [1]=&gt;
  string(4) &quot;test&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:23:48 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;302&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:23:48 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;302&quot;
}
</pre></td></tr><tr><td>07-06-2022 17:23:41 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(4) &quot;test&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;a94a8fe5ccb19ba61c4c0873d391e987982fbbd3&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654615421)
    [&quot;regtime&quot;]=&gt;
    int(1654615421)
    [&quot;key&quot;]=&gt;
    string(16) &quot;HKM5R6SZASVD7NVR&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 09:59:07 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(72) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'trtrt'&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:59:07 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(67) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%trtrt%'&quot;
  [1]=&gt;
  string(5) &quot;trtrt&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:59:07 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;301&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:59:07 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;301&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:58:58 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(5) &quot;trtrt&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;6c3cdf270f9064e91b68ad06396ada159a08b766&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654588738)
    [&quot;regtime&quot;]=&gt;
    int(1654588738)
    [&quot;key&quot;]=&gt;
    string(16) &quot;3PQETU233Z7BTDKS&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 09:54:36 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(73) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'rerter'&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:54:35 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(68) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%rerter%'&quot;
  [1]=&gt;
  string(6) &quot;rerter&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:54:35 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;300&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:54:35 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;300&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:54:28 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(6) &quot;rerter&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;f6600e4a1c6ef1e7212adf4545b3368ca0075037&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654588468)
    [&quot;regtime&quot;]=&gt;
    int(1654588468)
    [&quot;key&quot;]=&gt;
    string(16) &quot;K7ADZSNH35XRC7D2&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 09:52:06 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(71) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'test'&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:52:06 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(66) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%test%'&quot;
  [1]=&gt;
  string(4) &quot;test&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:52:06 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;299&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:52:06 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;299&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:52:00 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;BVC5MGEOYKD6CWCL&quot;
  [2]=&gt;
  string(128) &quot; , `username` = 'test', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;299&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:52:00 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;299&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:51:53 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(4) &quot;test&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;9c06ab82810b3e96cee1f4f9c56835b695037429&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654588313)
    [&quot;regtime&quot;]=&gt;
    int(1654588313)
    [&quot;key&quot;]=&gt;
    string(16) &quot;BVC5MGEOYKD6CWCL&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 09:50:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=>
  string(71) "UPDATE  </pre></td></tr><tr><td>07-06-2022 09:50:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=>
  string(66) "DELETE FROM </pre></td></tr><tr><td>07-06-2022 09:50:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=>
  string(47) "DELETE FROM </pre></td></tr><tr><td>07-06-2022 09:50:13 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=>
  string(45) "DELETE FROM </pre></td></tr><tr><td>07-06-2022 09:50:08 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=>
  string(62) "UPDATE </pre></td></tr><tr><td>07-06-2022 09:50:07 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=>
  string(61) "UPDATE </pre></td></tr><tr><td>07-06-2022 09:50:01 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=>
  string(32) "INSERT INTO </pre></td></tr><tr><td>07-06-2022 09:48:44 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(72) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'test1'&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:48:44 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(67) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%test1%'&quot;
  [1]=&gt;
  string(5) &quot;test1&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:48:44 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;297&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:48:44 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;297&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:48:19 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;GN4OELRWXRMO3DJN&quot;
  [2]=&gt;
  string(129) &quot; , `username` = 'test1', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;297&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:48:19 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;297&quot;
}
</pre></td></tr><tr><td>07-06-2022 09:47:04 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(4) &quot;test&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;d3ee631efbc685d745327329cdb454c6d4d660ae&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654588024)
    [&quot;regtime&quot;]=&gt;
    int(1654588024)
    [&quot;key&quot;]=&gt;
    string(16) &quot;GN4OELRWXRMO3DJN&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 09:30:13 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `login_attempts` WHERE  `userid` IN ( 294,295,296 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>07-06-2022 09:30:13 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(63) &quot;DELETE FROM `privacy` WHERE `userid` IN ( 294,295,296 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>07-06-2022 09:30:13 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(61) &quot;DELETE FROM `users` WHERE `userid` IN ( 294,295,296 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>07-06-2022 09:29:50 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(5) &quot;test3&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;940970917d064c96d252f81bf76909a5132f0662&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654586990)
    [&quot;regtime&quot;]=&gt;
    int(1654586990)
    [&quot;key&quot;]=&gt;
    string(16) &quot;4TJLYQISO2ABCHO4&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 09:29:37 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(5) &quot;test2&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;ded2eb6a775c81866dedf7490c86f72be0a1a549&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654586977)
    [&quot;regtime&quot;]=&gt;
    int(1654586977)
    [&quot;key&quot;]=&gt;
    string(16) &quot;WV7EKH2KFEITIQGY&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-06-2022 09:26:57 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(4) &quot;test&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;382700e627bc41366cabca101b549600487edda9&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1654586817)
    [&quot;regtime&quot;]=&gt;
    int(1654586817)
    [&quot;key&quot;]=&gt;
    string(16) &quot;YE7VAZSLRVY3YDVA&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>31-05-2022 13:33:11 </td><td>158.113.203.251</td><td>admin/</td><td><pre>patch applied to  /var/www/html/lic/.htaccess
groups, backup taken /var/www/html/admin/tmp/.htaccess6295fcf75ccf6</pre></td></tr><tr><td>31-05-2022 13:32:37 </td><td>158.113.203.251</td><td>admin/</td><td><pre>patch applied to  /var/www/html/lic/.htaccess
groups, backup taken /var/www/html/admin/tmp/.htaccess6295fcd54b184</pre></td></tr><tr><td>31-05-2022 10:14:22 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>31-05-2022 10:14:22 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>31-05-2022 10:13:12 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 1, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>31-05-2022 10:13:12 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>30-05-2022 14:01:47 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>30-05-2022 14:01:47 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>30-05-2022 14:01:47 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2729) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = 'DC=unicef,DC=org',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '0',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '0',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'common',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://mfa01.gva.unicef.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>18-05-2022 09:20:51 </td><td>10.32.111.30</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>18-05-2022 09:20:51 </td><td>10.32.111.30</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>18-05-2022 09:20:50 </td><td>10.32.111.30</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2713) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '0',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '0',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'common',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://mfa01.gva.unicef.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>18-05-2022 09:15:43 </td><td>10.32.111.30</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(195) &quot; , `username` = 'ehuseynov', `localpassword` = '61a135089eac561a2ff7cedeefb03975bed000f8', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>18-05-2022 09:15:43 </td><td>10.32.111.30</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>18-05-2022 09:14:22 </td><td>10.32.111.30</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>18-05-2022 09:14:22 </td><td>10.32.111.30</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>18-05-2022 09:14:01 </td><td>10.32.111.30</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 1, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>18-05-2022 09:14:00 </td><td>10.32.111.30</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>12-05-2022 15:54:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>12-05-2022 15:54:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>12-05-2022 15:54:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2713) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '0',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '0',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '1',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'common',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://mfa01.gva.unicef.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>12-05-2022 15:51:13 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>12-05-2022 15:51:12 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>12-05-2022 15:51:10 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2713) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '0',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '1',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'common',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://mfa01.gva.unicef.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>11-05-2022 13:28:56 </td><td>10.32.137.216</td><td>admin/</td><td><pre>patch applied to  /var/www/html/api.php, backup taken /var/www/html/admin/tmp/api.php627b9df860226</pre></td></tr><tr><td>11-05-2022 13:27:09 </td><td>10.32.137.216</td><td>admin/</td><td><pre>patch applied to  /var/www/html/api.php, backup taken /var/www/html/admin/tmp/api.php627b9d8da1776</pre></td></tr><tr><td>26-04-2022 13:27:10 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(77) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'ehuseynov1'&quot;
}
</pre></td></tr><tr><td>26-04-2022 13:27:10 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(72) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%ehuseynov1%'&quot;
  [1]=&gt;
  string(10) &quot;ehuseynov1&quot;
}
</pre></td></tr><tr><td>26-04-2022 13:27:10 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;293&quot;
}
</pre></td></tr><tr><td>26-04-2022 13:27:10 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;293&quot;
}
</pre></td></tr><tr><td>26-04-2022 13:26:57 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(10) &quot;ehuseynov1&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;61a135089eac561a2ff7cedeefb03975bed000f8&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1650972417)
    [&quot;regtime&quot;]=&gt;
    int(1650972417)
    [&quot;key&quot;]=&gt;
    string(16) &quot;6V6CNCSIISIFUOJ5&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>16-03-2022 16:10:58 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(67) &quot;DELETE FROM `login_attempts` WHERE  `userid` IN ( 291,292 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>16-03-2022 16:10:58 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(59) &quot;DELETE FROM `privacy` WHERE `userid` IN ( 291,292 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>16-03-2022 16:10:58 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(57) &quot;DELETE FROM `users` WHERE `userid` IN ( 291,292 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>16-03-2022 16:10:39 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(6) &quot;zz2323&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;f114c916fbc1b49db00bd9428b7ec6875e703c85&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647443439)
    [&quot;regtime&quot;]=&gt;
    int(1647443439)
    [&quot;key&quot;]=&gt;
    string(16) &quot;6PAEYMEAYJ4SJC3U&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>16-03-2022 16:10:30 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(9) &quot;zz1212121&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;e3516e9c66155c67276e618d6713bea52ee15a4d&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647443430)
    [&quot;regtime&quot;]=&gt;
    int(1647443430)
    [&quot;key&quot;]=&gt;
    string(16) &quot;PIWNW33AUIHXIZUJ&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>15-03-2022 09:28:36 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(79) &quot;DELETE FROM `login_attempts` WHERE  `userid` IN ( 279,280,281,282,283 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>15-03-2022 09:28:36 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `privacy` WHERE `userid` IN ( 279,280,281,282,283 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>15-03-2022 09:28:36 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(69) &quot;DELETE FROM `users` WHERE `userid` IN ( 279,280,281,282,283 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>15-03-2022 09:28:08 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(79) &quot;DELETE FROM `login_attempts` WHERE  `userid` IN ( 284,285,286,287,290 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>15-03-2022 09:28:08 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `privacy` WHERE `userid` IN ( 284,285,286,287,290 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>15-03-2022 09:28:08 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(69) &quot;DELETE FROM `users` WHERE `userid` IN ( 284,285,286,287,290 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>15-03-2022 09:27:53 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(3) &quot; ?p&quot;
  [1]=&gt;
  string(75) &quot;UPDATE `settings` SET enforce_2fa=1, allow_initial_login=0 WHERE 1=1 &quot;
}
</pre></td></tr><tr><td>15-03-2022 09:27:45 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(3) &quot; ?p&quot;
  [1]=&gt;
  string(75) &quot;UPDATE `settings` SET enforce_2fa=1, allow_initial_login=0 WHERE 1=1 &quot;
}
</pre></td></tr><tr><td>15-03-2022 09:14:50 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(3) &quot; ?p&quot;
  [1]=&gt;
  string(75) &quot;UPDATE `settings` SET enforce_2fa=1, allow_initial_login=0 WHERE 1=1 &quot;
}
</pre></td></tr><tr><td>15-03-2022 09:14:41 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(7) &quot;zzztest&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;956bbe4c22a1bdd20398cc912ea5dd3ada70e50e&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647332081)
    [&quot;regtime&quot;]=&gt;
    int(1647332081)
    [&quot;key&quot;]=&gt;
    string(16) &quot;ADIAWMIQKYHZ2P3J&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>15-03-2022 09:14:37 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(3) &quot; ?p&quot;
  [1]=&gt;
  string(75) &quot;UPDATE `settings` SET enforce_2fa=1, allow_initial_login=0 WHERE 1=1 &quot;
}
</pre></td></tr><tr><td>15-03-2022 09:14:30 </td><td>10.32.122.229</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(3) &quot; ?p&quot;
  [1]=&gt;
  string(75) &quot;UPDATE `settings` SET enforce_2fa=1, allow_initial_login=0 WHERE 1=1 &quot;
}
</pre></td></tr><tr><td>15-03-2022 08:57:28 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(76) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'zzz111222'&quot;
}
</pre></td></tr><tr><td>15-03-2022 08:57:28 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%zzz111222%'&quot;
  [1]=&gt;
  string(9) &quot;zzz111222&quot;
}
</pre></td></tr><tr><td>15-03-2022 08:57:27 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;289&quot;
}
</pre></td></tr><tr><td>15-03-2022 08:57:27 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;289&quot;
}
</pre></td></tr><tr><td>15-03-2022 08:57:14 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(9) &quot;zzz111222&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;83a3b4336e4f738b6427c652df745962a652cc35&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647331034)
    [&quot;regtime&quot;]=&gt;
    int(1647331034)
    [&quot;key&quot;]=&gt;
    string(16) &quot;5WNTCRGQD7AHBHCZ&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>15-03-2022 08:56:22 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(3) &quot; ?p&quot;
  [1]=&gt;
  string(75) &quot;UPDATE `settings` SET enforce_2fa=1, allow_initial_login=0 WHERE 1=1 &quot;
}
</pre></td></tr><tr><td>15-03-2022 08:56:05 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(77) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'zz11111111'&quot;
}
</pre></td></tr><tr><td>15-03-2022 08:56:05 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(72) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%zz11111111%'&quot;
  [1]=&gt;
  string(10) &quot;zz11111111&quot;
}
</pre></td></tr><tr><td>15-03-2022 08:56:05 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;288&quot;
}
</pre></td></tr><tr><td>15-03-2022 08:56:05 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;288&quot;
}
</pre></td></tr><tr><td>15-03-2022 08:55:43 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(10) &quot;zz11111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;306bc98c55a65e6d5f01a42d3197c72d6844fefa&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647330943)
    [&quot;regtime&quot;]=&gt;
    int(1647330943)
    [&quot;key&quot;]=&gt;
    string(16) &quot;4HXWJMWR7RA4BXHW&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>15-03-2022 08:55:33 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(9) &quot;zz1111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;e7b2064b4b4f9c2c46ed2697da4d5d2530c7180d&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647330933)
    [&quot;regtime&quot;]=&gt;
    int(1647330933)
    [&quot;key&quot;]=&gt;
    string(16) &quot;QVZDSBHRBKM7B7QG&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>15-03-2022 08:55:28 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(8) &quot;zz111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da4babd851aa7e7433a5fd65a2ce2a2950669182&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647330928)
    [&quot;regtime&quot;]=&gt;
    int(1647330928)
    [&quot;key&quot;]=&gt;
    string(16) &quot;JHVF6QGTTTEAT5K6&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>15-03-2022 08:55:23 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(7) &quot;zz11111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;2a46ebb35ea9b2c9c059c81cedc3816b11dbed8a&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647330923)
    [&quot;regtime&quot;]=&gt;
    int(1647330923)
    [&quot;key&quot;]=&gt;
    string(16) &quot;X46HUG54K23JEQ72&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>15-03-2022 08:55:18 </td><td>158.113.201.105</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(6) &quot;zz1111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;183a973de71287403b88ea8c3d3d487965afa546&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647330918)
    [&quot;regtime&quot;]=&gt;
    int(1647330918)
    [&quot;key&quot;]=&gt;
    string(16) &quot;LPACBOT2Q5JB7MCW&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>13-03-2022 08:07:22 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(79) &quot;DELETE FROM `login_attempts` WHERE  `userid` IN ( 273,274,275,276,278 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>13-03-2022 08:07:22 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `privacy` WHERE `userid` IN ( 273,274,275,276,278 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>13-03-2022 08:07:22 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(69) &quot;DELETE FROM `users` WHERE `userid` IN ( 273,274,275,276,278 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>13-03-2022 08:06:35 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(7) &quot;zzzz222&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;054e175038d1c77681d9274833e9ff252d65f866&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647155195)
    [&quot;regtime&quot;]=&gt;
    int(1647155195)
    [&quot;key&quot;]=&gt;
    string(16) &quot;PILULJD7KR76D5WT&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>13-03-2022 07:56:44 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(83) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'zz12121212111111'&quot;
}
</pre></td></tr><tr><td>13-03-2022 07:56:44 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(78) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%zz12121212111111%'&quot;
  [1]=&gt;
  string(16) &quot;zz12121212111111&quot;
}
</pre></td></tr><tr><td>13-03-2022 07:56:44 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;277&quot;
}
</pre></td></tr><tr><td>13-03-2022 07:56:43 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;277&quot;
}
</pre></td></tr><tr><td>13-03-2022 07:41:20 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(10) &quot;zzz1111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;5552f915f9e33cd10450cbbb6e768945401cef2e&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647153680)
    [&quot;regtime&quot;]=&gt;
    int(1647153680)
    [&quot;key&quot;]=&gt;
    string(16) &quot;KMUEB5K26L3SB2EC&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>13-03-2022 07:41:14 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(9) &quot;zzz111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;71c11ff8f805e3cd3a5f0cd3d570dd4a7ba9725f&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647153674)
    [&quot;regtime&quot;]=&gt;
    int(1647153674)
    [&quot;key&quot;]=&gt;
    string(16) &quot;BLQMAHLQE6BYB7I3&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>13-03-2022 07:41:09 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(8) &quot;zzz11111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;4759807db96bce2781d836de9419d77bf0ab5a5f&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647153669)
    [&quot;regtime&quot;]=&gt;
    int(1647153669)
    [&quot;key&quot;]=&gt;
    string(16) &quot;5DDYSNJP4322I7NJ&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>13-03-2022 07:41:04 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(7) &quot;zzz1111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;6122a5105ced16c95867b7f4c2a5f4549a721708&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647153664)
    [&quot;regtime&quot;]=&gt;
    int(1647153664)
    [&quot;key&quot;]=&gt;
    string(16) &quot;RLZP4KOLJFYK4ZW3&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>13-03-2022 07:40:59 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(6) &quot;zzz111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;b790b7e180b38d9ec2c10ff7230a85ad2f993000&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1647153659)
    [&quot;regtime&quot;]=&gt;
    int(1647153659)
    [&quot;key&quot;]=&gt;
    string(16) &quot;NRTAENUTN6TSNU6B&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>10-03-2022 16:26:22 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(79) &quot;DELETE FROM `login_attempts` WHERE  `userid` IN ( 267,268,269,270,272 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>10-03-2022 16:26:22 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `privacy` WHERE `userid` IN ( 267,268,269,270,272 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>10-03-2022 16:26:22 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(69) &quot;DELETE FROM `users` WHERE `userid` IN ( 267,268,269,270,272 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>10-03-2022 15:43:13 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(16) &quot;zz12121212111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;08e3dca237b0c8fe275ea61f50c166613c54e657&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646923393)
    [&quot;regtime&quot;]=&gt;
    int(1646923393)
    [&quot;key&quot;]=&gt;
    string(16) &quot;NVOIGRKZNQZTTVFR&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>10-03-2022 15:43:07 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(15) &quot;zz1212121211111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;02daf68da46ec3412612570f1c1dd62d947921ec&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646923387)
    [&quot;regtime&quot;]=&gt;
    int(1646923387)
    [&quot;key&quot;]=&gt;
    string(16) &quot;MUBVH3CEBZZF4YB5&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>10-03-2022 15:43:01 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(14) &quot;zz121212121111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;68339fbad3c638023b67e5ee9f5ff286eb9a6bc3&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646923381)
    [&quot;regtime&quot;]=&gt;
    int(1646923381)
    [&quot;key&quot;]=&gt;
    string(16) &quot;3DMTPLCR6GOMY65E&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>10-03-2022 15:42:54 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(12) &quot;zz1212121211&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;208d94461c5fe419deb8f7ff52a7bd168d697627&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646923374)
    [&quot;regtime&quot;]=&gt;
    int(1646923374)
    [&quot;key&quot;]=&gt;
    string(16) &quot;VXEHBR5MDVBAJESR&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>10-03-2022 15:42:45 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(11) &quot;zz121212121&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;914734fcc484a8d8c4b34315b0d7506e579fe5c7&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646923365)
    [&quot;regtime&quot;]=&gt;
    int(1646923365)
    [&quot;key&quot;]=&gt;
    string(16) &quot;RKTGXOAVSQSLJMFQ&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>10-03-2022 15:42:40 </td><td>10.32.135.11</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(10) &quot;zz12121212&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;4c682f6241f467f5f64785fd694b3a9a1190d90b&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646923360)
    [&quot;regtime&quot;]=&gt;
    int(1646923360)
    [&quot;key&quot;]=&gt;
    string(16) &quot;ADLH7O4JA2ITU27B&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>08-03-2022 09:52:07 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(79) &quot;DELETE FROM `login_attempts` WHERE  `userid` IN ( 261,262,263,265,266 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>08-03-2022 09:52:07 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `privacy` WHERE `userid` IN ( 261,262,263,265,266 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>08-03-2022 09:52:07 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(69) &quot;DELETE FROM `users` WHERE `userid` IN ( 261,262,263,265,266 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>08-03-2022 09:51:53 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(70) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'zzz'&quot;
}
</pre></td></tr><tr><td>08-03-2022 09:51:53 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(65) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%zzz%'&quot;
  [1]=&gt;
  string(3) &quot;zzz&quot;
}
</pre></td></tr><tr><td>08-03-2022 09:51:53 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;271&quot;
}
</pre></td></tr><tr><td>08-03-2022 09:51:53 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;271&quot;
}
</pre></td></tr><tr><td>08-03-2022 09:51:26 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(3) &quot;zzz&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;319a84ff841f82451325e784355ce16a28c6ea06&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646729486)
    [&quot;regtime&quot;]=&gt;
    int(1646729486)
    [&quot;key&quot;]=&gt;
    string(16) &quot;SSVSH5LMBQ5VIZKH&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>08-03-2022 09:50:53 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>08-03-2022 09:50:53 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>08-03-2022 09:50:13 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 1, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>08-03-2022 09:50:13 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>08-03-2022 09:49:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(63) &quot;DELETE FROM `login_attempts` WHERE  `userid` IN ( 264 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>08-03-2022 09:49:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(55) &quot;DELETE FROM `privacy` WHERE `userid` IN ( 264 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>08-03-2022 09:49:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(53) &quot;DELETE FROM `users` WHERE `userid` IN ( 264 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>07-03-2022 13:57:40 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(24) &quot;zzz111111111111111111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;3922156b54d4698ede4067e20f25c96717d0c07b&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646657860)
    [&quot;regtime&quot;]=&gt;
    int(1646657860)
    [&quot;key&quot;]=&gt;
    string(16) &quot;LQNTIYDO5DTBH7UH&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 13:57:35 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(22) &quot;zzz1111111111111111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;3d479797632796056a7f8884729ac636062ba515&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646657855)
    [&quot;regtime&quot;]=&gt;
    int(1646657855)
    [&quot;key&quot;]=&gt;
    string(16) &quot;MG2WDGLOV23RZ2RA&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 13:57:30 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(20) &quot;zzz11111111111111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;4133d2fae4dee942b7830c79b207b3922f79febc&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646657850)
    [&quot;regtime&quot;]=&gt;
    int(1646657850)
    [&quot;key&quot;]=&gt;
    string(16) &quot;KKBIDQUW3K2CX4XO&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 13:57:25 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(18) &quot;zzz111111111111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;693ace71a4e84eb50aaadf190f46d6a5c61e9a45&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646657845)
    [&quot;regtime&quot;]=&gt;
    int(1646657845)
    [&quot;key&quot;]=&gt;
    string(16) &quot;FBZDWBFAVEWFUZMM&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 13:57:19 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(16) &quot;zzz1111111111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;9c2af86d30812648163f1ce928337762dcf22e8f&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646657839)
    [&quot;regtime&quot;]=&gt;
    int(1646657839)
    [&quot;key&quot;]=&gt;
    string(16) &quot;DBLBJCRNGXYLX44N&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 13:57:15 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(14) &quot;zzz11111111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;7338768968bbf924d3480f5534766a1ffced708b&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646657835)
    [&quot;regtime&quot;]=&gt;
    int(1646657835)
    [&quot;key&quot;]=&gt;
    string(16) &quot;6AXXMT53RNGJK6SY&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 13:57:11 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(12) &quot;zzz111111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;9d0d8a9a159b92b21d6cc081672f8dbf3273aa28&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646657831)
    [&quot;regtime&quot;]=&gt;
    int(1646657831)
    [&quot;key&quot;]=&gt;
    string(16) &quot;GOUUTL4UEZAU62KR&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 13:57:07 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(10) &quot;zzz1111111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;7610959d2829beda8dfd1a32c0a807ba7902bc29&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646657827)
    [&quot;regtime&quot;]=&gt;
    int(1646657827)
    [&quot;key&quot;]=&gt;
    string(16) &quot;75LAJOPR4NXFILPX&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 13:57:03 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(8) &quot;zzz11111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;5f2abc79a3fb5bd69d14964691bac39ae51704a9&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646657823)
    [&quot;regtime&quot;]=&gt;
    int(1646657823)
    [&quot;key&quot;]=&gt;
    string(16) &quot;UCNSKVUJ3PK66TPY&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 13:56:58 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(6) &quot;zzz111&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;79d85e16f712170cccb9348dab2ad1f54e7fe923&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646657818)
    [&quot;regtime&quot;]=&gt;
    int(1646657818)
    [&quot;key&quot;]=&gt;
    string(16) &quot;WCGIYDHNDFOSSPNV&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 09:40:08 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(79) &quot;DELETE FROM `login_attempts` WHERE  `userid` IN ( 256,257,258,259,260 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>07-03-2022 09:40:08 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `privacy` WHERE `userid` IN ( 256,257,258,259,260 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>07-03-2022 09:40:08 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(69) &quot;DELETE FROM `users` WHERE `userid` IN ( 256,257,258,259,260 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>07-03-2022 09:39:49 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(79) &quot;DELETE FROM `login_attempts` WHERE  `userid` IN ( 251,252,253,254,255 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>07-03-2022 09:39:48 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `privacy` WHERE `userid` IN ( 251,252,253,254,255 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>07-03-2022 09:39:48 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(69) &quot;DELETE FROM `users` WHERE `userid` IN ( 251,252,253,254,255 ); &quot;
  [1]=&gt;
  NULL
}
</pre></td></tr><tr><td>07-03-2022 09:36:10 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(10) &quot;1232131231&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;97426d17db9d55d680d95f8408f6b56ef04ca077&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646642170)
    [&quot;regtime&quot;]=&gt;
    int(1646642170)
    [&quot;key&quot;]=&gt;
    string(16) &quot;JKEJZP2UZPX2BRVW&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 09:36:06 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(10) &quot;2123123123&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;1a1e74951148a1a0c3841323cd6b1ae11c31e288&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646642166)
    [&quot;regtime&quot;]=&gt;
    int(1646642166)
    [&quot;key&quot;]=&gt;
    string(16) &quot;TH6V3DDKUCTWETYR&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 09:36:01 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(11) &quot;zxczdasdasd&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;c375d98e8d130d59e6603b5d0bcbb2a7360ba2ab&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646642161)
    [&quot;regtime&quot;]=&gt;
    int(1646642161)
    [&quot;key&quot;]=&gt;
    string(16) &quot;2YUM24WRFTPOQIPC&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 09:35:55 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(4) &quot;23eq&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;7aff84e667e68973e463f3ed769965c4c2d46d47&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646642155)
    [&quot;regtime&quot;]=&gt;
    int(1646642155)
    [&quot;key&quot;]=&gt;
    string(16) &quot;GVQRDYIJJZRDXI25&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 09:35:42 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(15) &quot;qweqweqweqweqwe&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;63c6e7bedf476aaa2df8902cef045d0c2881523b&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646642142)
    [&quot;regtime&quot;]=&gt;
    int(1646642142)
    [&quot;key&quot;]=&gt;
    string(16) &quot;Y367JGSL6DS4JB7D&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 09:35:33 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(12) &quot;qweqweqweqwe&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;99f4cc7b2572b080eab60e5c5509fd4c78a605b0&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646642133)
    [&quot;regtime&quot;]=&gt;
    int(1646642133)
    [&quot;key&quot;]=&gt;
    string(16) &quot;C6N3J5ZPC3QYFGYN&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 09:35:29 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(8) &quot;qweqweqw&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;643bc6f15b67483de5d6af27ca2521fdabfed7f0&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646642129)
    [&quot;regtime&quot;]=&gt;
    int(1646642129)
    [&quot;key&quot;]=&gt;
    string(16) &quot;YJH7ZHAU3P2ZN6Y5&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 09:35:24 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(6) &quot;qweqwe&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;d415617287ee442e704f36869d8cfaa0b3413422&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646642124)
    [&quot;regtime&quot;]=&gt;
    int(1646642124)
    [&quot;key&quot;]=&gt;
    string(16) &quot;6JZX7S6LLLEJPSO2&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 09:35:18 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(5) &quot;wqeqw&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;8292775942f967b2c0ed06f0f6a4b5429bc929fa&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646642118)
    [&quot;regtime&quot;]=&gt;
    int(1646642118)
    [&quot;key&quot;]=&gt;
    string(16) &quot;SZEGX52TDUNFKP6D&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>07-03-2022 09:35:11 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(2) &quot;4q&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;a7fa90b2b863de262b65e7ac2387865d22c4fee3&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1646642111)
    [&quot;regtime&quot;]=&gt;
    int(1646642111)
    [&quot;key&quot;]=&gt;
    string(16) &quot;XHDQJOLTDWFABKRK&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>03-03-2022 08:08:25 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(77) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'gvas4btest'&quot;
}
</pre></td></tr><tr><td>03-03-2022 08:08:25 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(72) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%gvas4btest%'&quot;
  [1]=&gt;
  string(10) &quot;gvas4btest&quot;
}
</pre></td></tr><tr><td>03-03-2022 08:08:25 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;249&quot;
}
</pre></td></tr><tr><td>03-03-2022 08:08:25 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;249&quot;
}
</pre></td></tr><tr><td>02-03-2022 13:41:30 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>02-03-2022 13:41:30 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>01-03-2022 18:43:32 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 1, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>01-03-2022 18:43:32 </td><td>10.32.118.55</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:15:22 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:15:22 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:14:52 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 1, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:14:52 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:11:56 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:11:56 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:11:16 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 1, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:11:16 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:06:44 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:06:44 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:06:33 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>28-02-2022 13:06:33 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>28-02-2022 13:06:33 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '0',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>28-02-2022 13:04:56 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>28-02-2022 13:04:56 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>28-02-2022 13:04:56 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '0',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>24-02-2022 11:55:52 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 1, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>24-02-2022 11:55:52 </td><td>10.32.124.114</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>16-02-2022 15:35:00 </td><td>10.32.114.146</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:35:00 </td><td>10.32.114.146</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:35:00 </td><td>10.32.114.146</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '0',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 15:34:51 </td><td>10.32.114.146</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:34:51 </td><td>10.32.114.146</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:34:51 </td><td>10.32.114.146</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 15:30:35 </td><td>10.32.114.146</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:30:35 </td><td>10.32.114.146</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:30:35 </td><td>10.32.114.146</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 15:18:46 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:18:46 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:18:46 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 15:13:40 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:13:40 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:13:40 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(1414) &quot;UPDATE `settings` SET   `site_name` = NULL,  `allow_initial_login` = NULL,  `register` = NULL,  `email_validation` = NULL,  `captcha` = NULL,  `api_key` = NULL,  `allow_http` = NULL,  `radius_secret` = NULL,  `netscaler_ip` = NULL,  `netscaler_subnet` = NULL,  `totp_skew` = NULL,  `ldap` = NULL,  `enforce_2fa` = NULL,  `ldap_server` = NULL,  `ldap_username_format` = NULL,  `ldap_search_string` = NULL,  `ldap_group_restrict` = NULL,  `allow_ldap_enrollment` = NULL,  `ldap_web_url_redirect` = NULL,  `allow_ldap_web_enrollment` = NULL,  `allow_hwtoken` = NULL,  `allow_ldap_per_user_by_default` = NULL,  `ldap_intro_text` = NULL,  `ldap_admins` = NULL,  `local_passwords` = NULL,  `multidomain` = NULL,  `multidomain_mapping` = NULL,  `default_domain` = NULL,  `keep_prefix` = NULL,  `allow_fido2_interface` = NULL,  `allow_fido_per_user_by_default` = NULL,  `fido2_vpn_settings` = NULL,  `fido2_only` = NULL,  `allow_legacy_keys` = NULL,  `enable_passwordless` = NULL,  `oauth2_interface` = NULL,  `oauth2_vpn_settings` = NULL,  `oauth2_only` = NULL,  `oauth2_client_id` = NULL,  `oauth2_tenant_id` = NULL,  `oauth2_client_secret` = NULL,  `oauth2_redirect_uri` = NULL,  `sendgrid_account` = NULL,  `twilio_account` = NULL,  `hardware_token_restriction` = NULL,  `azure_ad_proxy` = NULL,  `azure_ad_tenant_id` = NULL,  `azure_ad_client_id` = NULL,  `azure_ad_domain` = NULL,  `ui_language` = NULL LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 15:13:35 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:13:35 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:13:35 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(1414) &quot;UPDATE `settings` SET   `site_name` = NULL,  `allow_initial_login` = NULL,  `register` = NULL,  `email_validation` = NULL,  `captcha` = NULL,  `api_key` = NULL,  `allow_http` = NULL,  `radius_secret` = NULL,  `netscaler_ip` = NULL,  `netscaler_subnet` = NULL,  `totp_skew` = NULL,  `ldap` = NULL,  `enforce_2fa` = NULL,  `ldap_server` = NULL,  `ldap_username_format` = NULL,  `ldap_search_string` = NULL,  `ldap_group_restrict` = NULL,  `allow_ldap_enrollment` = NULL,  `ldap_web_url_redirect` = NULL,  `allow_ldap_web_enrollment` = NULL,  `allow_hwtoken` = NULL,  `allow_ldap_per_user_by_default` = NULL,  `ldap_intro_text` = NULL,  `ldap_admins` = NULL,  `local_passwords` = NULL,  `multidomain` = NULL,  `multidomain_mapping` = NULL,  `default_domain` = NULL,  `keep_prefix` = NULL,  `allow_fido2_interface` = NULL,  `allow_fido_per_user_by_default` = NULL,  `fido2_vpn_settings` = NULL,  `fido2_only` = NULL,  `allow_legacy_keys` = NULL,  `enable_passwordless` = NULL,  `oauth2_interface` = NULL,  `oauth2_vpn_settings` = NULL,  `oauth2_only` = NULL,  `oauth2_client_id` = NULL,  `oauth2_tenant_id` = NULL,  `oauth2_client_secret` = NULL,  `oauth2_redirect_uri` = NULL,  `sendgrid_account` = NULL,  `twilio_account` = NULL,  `hardware_token_restriction` = NULL,  `azure_ad_proxy` = NULL,  `azure_ad_tenant_id` = NULL,  `azure_ad_client_id` = NULL,  `azure_ad_domain` = NULL,  `ui_language` = NULL LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 15:12:13 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:12:13 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:12:13 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(1414) &quot;UPDATE `settings` SET   `site_name` = NULL,  `allow_initial_login` = NULL,  `register` = NULL,  `email_validation` = NULL,  `captcha` = NULL,  `api_key` = NULL,  `allow_http` = NULL,  `radius_secret` = NULL,  `netscaler_ip` = NULL,  `netscaler_subnet` = NULL,  `totp_skew` = NULL,  `ldap` = NULL,  `enforce_2fa` = NULL,  `ldap_server` = NULL,  `ldap_username_format` = NULL,  `ldap_search_string` = NULL,  `ldap_group_restrict` = NULL,  `allow_ldap_enrollment` = NULL,  `ldap_web_url_redirect` = NULL,  `allow_ldap_web_enrollment` = NULL,  `allow_hwtoken` = NULL,  `allow_ldap_per_user_by_default` = NULL,  `ldap_intro_text` = NULL,  `ldap_admins` = NULL,  `local_passwords` = NULL,  `multidomain` = NULL,  `multidomain_mapping` = NULL,  `default_domain` = NULL,  `keep_prefix` = NULL,  `allow_fido2_interface` = NULL,  `allow_fido_per_user_by_default` = NULL,  `fido2_vpn_settings` = NULL,  `fido2_only` = NULL,  `allow_legacy_keys` = NULL,  `enable_passwordless` = NULL,  `oauth2_interface` = NULL,  `oauth2_vpn_settings` = NULL,  `oauth2_only` = NULL,  `oauth2_client_id` = NULL,  `oauth2_tenant_id` = NULL,  `oauth2_client_secret` = NULL,  `oauth2_redirect_uri` = NULL,  `sendgrid_account` = NULL,  `twilio_account` = NULL,  `hardware_token_restriction` = NULL,  `azure_ad_proxy` = NULL,  `azure_ad_tenant_id` = NULL,  `azure_ad_client_id` = NULL,  `azure_ad_domain` = NULL,  `ui_language` = NULL LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 15:11:13 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:11:13 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:11:13 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(1414) &quot;UPDATE `settings` SET   `site_name` = NULL,  `allow_initial_login` = NULL,  `register` = NULL,  `email_validation` = NULL,  `captcha` = NULL,  `api_key` = NULL,  `allow_http` = NULL,  `radius_secret` = NULL,  `netscaler_ip` = NULL,  `netscaler_subnet` = NULL,  `totp_skew` = NULL,  `ldap` = NULL,  `enforce_2fa` = NULL,  `ldap_server` = NULL,  `ldap_username_format` = NULL,  `ldap_search_string` = NULL,  `ldap_group_restrict` = NULL,  `allow_ldap_enrollment` = NULL,  `ldap_web_url_redirect` = NULL,  `allow_ldap_web_enrollment` = NULL,  `allow_hwtoken` = NULL,  `allow_ldap_per_user_by_default` = NULL,  `ldap_intro_text` = NULL,  `ldap_admins` = NULL,  `local_passwords` = NULL,  `multidomain` = NULL,  `multidomain_mapping` = NULL,  `default_domain` = NULL,  `keep_prefix` = NULL,  `allow_fido2_interface` = NULL,  `allow_fido_per_user_by_default` = NULL,  `fido2_vpn_settings` = NULL,  `fido2_only` = NULL,  `allow_legacy_keys` = NULL,  `enable_passwordless` = NULL,  `oauth2_interface` = NULL,  `oauth2_vpn_settings` = NULL,  `oauth2_only` = NULL,  `oauth2_client_id` = NULL,  `oauth2_tenant_id` = NULL,  `oauth2_client_secret` = NULL,  `oauth2_redirect_uri` = NULL,  `sendgrid_account` = NULL,  `twilio_account` = NULL,  `hardware_token_restriction` = NULL,  `azure_ad_proxy` = NULL,  `azure_ad_tenant_id` = NULL,  `azure_ad_client_id` = NULL,  `azure_ad_domain` = NULL,  `ui_language` = NULL LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 15:11:07 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:11:07 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:11:07 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(1414) &quot;UPDATE `settings` SET   `site_name` = NULL,  `allow_initial_login` = NULL,  `register` = NULL,  `email_validation` = NULL,  `captcha` = NULL,  `api_key` = NULL,  `allow_http` = NULL,  `radius_secret` = NULL,  `netscaler_ip` = NULL,  `netscaler_subnet` = NULL,  `totp_skew` = NULL,  `ldap` = NULL,  `enforce_2fa` = NULL,  `ldap_server` = NULL,  `ldap_username_format` = NULL,  `ldap_search_string` = NULL,  `ldap_group_restrict` = NULL,  `allow_ldap_enrollment` = NULL,  `ldap_web_url_redirect` = NULL,  `allow_ldap_web_enrollment` = NULL,  `allow_hwtoken` = NULL,  `allow_ldap_per_user_by_default` = NULL,  `ldap_intro_text` = NULL,  `ldap_admins` = NULL,  `local_passwords` = NULL,  `multidomain` = NULL,  `multidomain_mapping` = NULL,  `default_domain` = NULL,  `keep_prefix` = NULL,  `allow_fido2_interface` = NULL,  `allow_fido_per_user_by_default` = NULL,  `fido2_vpn_settings` = NULL,  `fido2_only` = NULL,  `allow_legacy_keys` = NULL,  `enable_passwordless` = NULL,  `oauth2_interface` = NULL,  `oauth2_vpn_settings` = NULL,  `oauth2_only` = NULL,  `oauth2_client_id` = NULL,  `oauth2_tenant_id` = NULL,  `oauth2_client_secret` = NULL,  `oauth2_redirect_uri` = NULL,  `sendgrid_account` = NULL,  `twilio_account` = NULL,  `hardware_token_restriction` = NULL,  `azure_ad_proxy` = NULL,  `azure_ad_tenant_id` = NULL,  `azure_ad_client_id` = NULL,  `azure_ad_domain` = NULL,  `ui_language` = NULL LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 15:09:24 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:09:24 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 15:09:24 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(1414) &quot;UPDATE `settings` SET   `site_name` = NULL,  `allow_initial_login` = NULL,  `register` = NULL,  `email_validation` = NULL,  `captcha` = NULL,  `api_key` = NULL,  `allow_http` = NULL,  `radius_secret` = NULL,  `netscaler_ip` = NULL,  `netscaler_subnet` = NULL,  `totp_skew` = NULL,  `ldap` = NULL,  `enforce_2fa` = NULL,  `ldap_server` = NULL,  `ldap_username_format` = NULL,  `ldap_search_string` = NULL,  `ldap_group_restrict` = NULL,  `allow_ldap_enrollment` = NULL,  `ldap_web_url_redirect` = NULL,  `allow_ldap_web_enrollment` = NULL,  `allow_hwtoken` = NULL,  `allow_ldap_per_user_by_default` = NULL,  `ldap_intro_text` = NULL,  `ldap_admins` = NULL,  `local_passwords` = NULL,  `multidomain` = NULL,  `multidomain_mapping` = NULL,  `default_domain` = NULL,  `keep_prefix` = NULL,  `allow_fido2_interface` = NULL,  `allow_fido_per_user_by_default` = NULL,  `fido2_vpn_settings` = NULL,  `fido2_only` = NULL,  `allow_legacy_keys` = NULL,  `enable_passwordless` = NULL,  `oauth2_interface` = NULL,  `oauth2_vpn_settings` = NULL,  `oauth2_only` = NULL,  `oauth2_client_id` = NULL,  `oauth2_tenant_id` = NULL,  `oauth2_client_secret` = NULL,  `oauth2_redirect_uri` = NULL,  `sendgrid_account` = NULL,  `twilio_account` = NULL,  `hardware_token_restriction` = NULL,  `azure_ad_proxy` = NULL,  `azure_ad_tenant_id` = NULL,  `azure_ad_client_id` = NULL,  `azure_ad_domain` = NULL,  `ui_language` = NULL LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 14:45:57 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 14:45:57 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 14:45:57 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 14:08:06 </td><td>10.32.114.146</td><td>admin/ehuseynov@unicef.org</td><td><pre>patch applied to  /var/www/html/login.php, backup taken /var/www/html/admin/tmp/login.php620cf735ee5fa</pre></td></tr><tr><td>16-02-2022 14:06:37 </td><td>10.32.114.146</td><td>admin/</td><td><pre>patch applied to  /var/www/html/login.php, backup taken /var/www/html/admin/tmp/login.php620cf6dd234ca</pre></td></tr><tr><td>16-02-2022 13:31:26 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 13:31:26 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 13:31:26 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '0',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 13:29:26 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 13:29:26 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 13:29:26 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '0',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'bogususer',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 09:54:15 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 09:54:15 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 09:54:15 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'bogususer',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>16-02-2022 09:53:19 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 09:53:19 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>16-02-2022 09:53:19 </td><td>10.32.114.146</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ahuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>15-02-2022 09:43:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>15-02-2022 09:43:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>15-02-2022 09:43:14 </td><td>158.113.203.251</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>09-02-2022 12:51:52 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(12) &quot;hwiniaswasti&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;61a135089eac561a2ff7cedeefb03975bed000f8&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1644407512)
    [&quot;regtime&quot;]=&gt;
    int(1644407512)
    [&quot;key&quot;]=&gt;
    string(16) &quot;5NLILEFVAASJSNZW&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>09-02-2022 12:35:43 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(10) &quot;gvas4btest&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;61a135089eac561a2ff7cedeefb03975bed000f8&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1644406543)
    [&quot;regtime&quot;]=&gt;
    int(1644406543)
    [&quot;key&quot;]=&gt;
    string(16) &quot;NZFLQUXCZUCOXHTZ&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>09-02-2022 12:30:58 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;5WUQDF235TEBWR6Y&quot;
  [2]=&gt;
  string(201) &quot; , `username` = 'ext_megamawarti', `localpassword` = 'df8a6a143bf4a3ff141d21edb9a32ccf9198e80d', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;248&quot;
}
</pre></td></tr><tr><td>09-02-2022 12:30:57 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;248&quot;
}
</pre></td></tr><tr><td>09-02-2022 12:30:24 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(15) &quot;ext_megamawarti&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;8dd21a48120449e258c529d29c8bbe7aec2c0510&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1644406224)
    [&quot;regtime&quot;]=&gt;
    int(1644406224)
    [&quot;key&quot;]=&gt;
    string(16) &quot;5WUQDF235TEBWR6Y&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>09-02-2022 12:21:59 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(12) &quot;ext_meidiorp&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;bb4e617eb0aa0679d1bf5165fa3801904434568b&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1644405719)
    [&quot;regtime&quot;]=&gt;
    int(1644405719)
    [&quot;key&quot;]=&gt;
    string(16) &quot;XUL3HUSMGIZVMBBB&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>09-02-2022 12:10:59 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(32) &quot;KTR5FOTRD3RYQIBQA733Q27YV2DLDIEC&quot;
  [2]=&gt;
  string(136) &quot; , `username` = 'maabduljalil', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 1, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;234&quot;
}
</pre></td></tr><tr><td>09-02-2022 12:10:59 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(108) &quot;UPDATE `hardwaretokens` SET assignment='maabduljalil' 	WHERE color LIKE '%KTR5FOTRD3RYQIBQA733Q27YV2DLDIEC%' ;&quot;
}
</pre></td></tr><tr><td>09-02-2022 12:10:59 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;234&quot;
}
</pre></td></tr><tr><td>09-02-2022 11:43:34 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>09-02-2022 11:43:34 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>09-02-2022 11:43:34 </td><td>10.32.131.218</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '1',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>19-01-2022 13:18:53 </td><td>10.32.123.156</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(11) &quot;amsenaputra&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1642594733)
    [&quot;regtime&quot;]=&gt;
    int(1642594733)
    [&quot;key&quot;]=&gt;
    string(16) &quot;2SM3DPFYXRHYYJHL&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>19-01-2022 13:17:52 </td><td>10.32.123.156</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(8) &quot;aadhisty&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1642594672)
    [&quot;regtime&quot;]=&gt;
    int(1642594672)
    [&quot;key&quot;]=&gt;
    string(16) &quot;CT7CWW4TEKFRXFIB&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>23-12-2021 13:01:39 </td><td>10.32.123.156</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(6) &quot;mramli&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1640260899)
    [&quot;regtime&quot;]=&gt;
    int(1640260899)
    [&quot;key&quot;]=&gt;
    string(16) &quot;QKVRWT54EW42P37O&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>23-12-2021 13:01:19 </td><td>10.32.123.156</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(8) &quot;rmarinda&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1640260879)
    [&quot;regtime&quot;]=&gt;
    int(1640260879)
    [&quot;key&quot;]=&gt;
    string(16) &quot;VNSSGRPEHE7EVV7L&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>15-12-2021 11:18:05 </td><td>10.32.123.156</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;UQCT4FNYHHRQR4G5&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 0, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>15-12-2021 11:18:05 </td><td>10.32.123.156</td><td>admin/ehuseynov@unicef.org</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;242&quot;
}
</pre></td></tr><tr><td>15-12-2021 11:17:25 </td><td>10.32.123.156</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>15-12-2021 11:17:25 </td><td>10.32.123.156</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>15-12-2021 11:17:25 </td><td>10.32.123.156</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2723) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = 'ehuseynov',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>09-12-2021 10:18:42 </td><td>10.32.119.175</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>09-12-2021 10:18:42 </td><td>10.32.119.175</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>09-12-2021 10:18:42 </td><td>10.32.119.175</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2714) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>23-11-2021 14:30:01 </td><td>10.32.110.196</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>23-11-2021 14:30:01 </td><td>10.32.110.196</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>23-11-2021 14:30:01 </td><td>10.32.110.196</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2714) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org, ldaps://USAAADDC01.unicef.org, ldaps://USAAADDC02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>23-11-2021 14:20:39 </td><td>10.32.110.196</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>23-11-2021 14:20:39 </td><td>10.32.110.196</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>23-11-2021 14:20:39 </td><td>10.32.110.196</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2652) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://ZNL1ADDC01.unicef.org, ldaps://ZNL1ADDC02.unicef.org, ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>09-11-2021 10:01:06 </td><td>10.32.128.24</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>09-11-2021 10:01:06 </td><td>10.32.128.24</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>09-11-2021 10:01:06 </td><td>10.32.128.24</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2590) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org, ldaps://swzaaddc02.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>09-11-2021 09:58:30 </td><td>10.32.128.24</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(9) &quot;ehuseynov&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1636448310)
    [&quot;regtime&quot;]=&gt;
    int(1636448310)
    [&quot;key&quot;]=&gt;
    string(16) &quot;UQCT4FNYHHRQR4G5&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>03-11-2021 20:26:57 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 20:26:56 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 20:26:56 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2559) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>03-11-2021 20:26:49 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 20:26:49 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 20:26:49 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2559) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>03-11-2021 20:26:37 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(76) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'ehuseynov'&quot;
}
</pre></td></tr><tr><td>03-11-2021 20:26:37 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%ehuseynov%'&quot;
  [1]=&gt;
  string(9) &quot;ehuseynov&quot;
}
</pre></td></tr><tr><td>03-11-2021 20:26:37 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;241&quot;
}
</pre></td></tr><tr><td>03-11-2021 20:26:37 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;241&quot;
}
</pre></td></tr><tr><td>03-11-2021 20:25:54 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(9) &quot;ehuseynov&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1635967554)
    [&quot;regtime&quot;]=&gt;
    int(1635967554)
    [&quot;key&quot;]=&gt;
    string(16) &quot;M6N7JO4G56NFGHHK&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>03-11-2021 20:25:41 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  0  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 20:25:41 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 20:25:41 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2559) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '0',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>03-11-2021 20:25:28 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(76) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'ehuseynov'&quot;
}
</pre></td></tr><tr><td>03-11-2021 20:25:27 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%ehuseynov%'&quot;
  [1]=&gt;
  string(9) &quot;ehuseynov&quot;
}
</pre></td></tr><tr><td>03-11-2021 20:25:27 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;235&quot;
}
</pre></td></tr><tr><td>03-11-2021 20:25:27 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;235&quot;
}
</pre></td></tr><tr><td>03-11-2021 15:13:45 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 15:13:45 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 15:13:45 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2559) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '77410195-14e1-4fb8-904b-ab1892023667',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>03-11-2021 12:18:37 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 12:18:37 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 12:18:37 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2559) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '389bd317-f711-47ae-8ea6-010d345595c5',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'unicef.org',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>03-11-2021 12:18:32 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 12:18:32 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>03-11-2021 12:18:32 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2558) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = '389bd317-f711-47ae-8ea6-010d345595c5',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>02-11-2021 14:46:17 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(38) &quot;DELETE from users WHERE userid&gt;3&quot;
}
</pre></td></tr><tr><td>02-11-2021 14:46:17 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(40) &quot;DELETE from hardwaretokens WHERE groupid&gt;3&quot;
}
</pre></td></tr><tr><td>02-11-2021 14:44:47 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(38) &quot;DELETE from users WHERE userid&gt;3&quot;
}
</pre></td></tr><tr><td>02-11-2021 14:44:47 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(40) &quot;DELETE from hardwaretokens WHERE groupid&gt;3&quot;
}
</pre></td></tr><tr><td>02-11-2021 10:28:27 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(6) &quot;myyong&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1635845307)
    [&quot;regtime&quot;]=&gt;
    int(1635845307)
    [&quot;key&quot;]=&gt;
    string(16) &quot;3XE6WGU2HPUW5QEZ&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>02-11-2021 10:27:24 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(8) &quot;fmokhtar&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1635845244)
    [&quot;regtime&quot;]=&gt;
    int(1635845244)
    [&quot;key&quot;]=&gt;
    string(16) &quot;PU3YZV5KS72ZKYCQ&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>02-11-2021 10:26:37 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(4) &quot;ybeh&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1635845197)
    [&quot;regtime&quot;]=&gt;
    int(1635845197)
    [&quot;key&quot;]=&gt;
    string(16) &quot;YPCUDMIJRYD4P3EB&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>02-11-2021 10:25:49 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(7) &quot;nmazlan&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1635845149)
    [&quot;regtime&quot;]=&gt;
    int(1635845149)
    [&quot;key&quot;]=&gt;
    string(16) &quot;FPSI7MZZ7R45DJ73&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>02-11-2021 10:25:07 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(11) &quot;tkarupaiyah&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1635845107)
    [&quot;regtime&quot;]=&gt;
    int(1635845107)
    [&quot;key&quot;]=&gt;
    string(16) &quot;MAEE3VODMQ6AWJTN&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>01-11-2021 16:13:09 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;AYC2GW5O2R7PZ3NA&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 1, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;235&quot;
}
</pre></td></tr><tr><td>01-11-2021 16:13:09 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;235&quot;
}
</pre></td></tr><tr><td>01-11-2021 16:12:38 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(16) &quot;AYC2GW5O2R7PZ3NA&quot;
  [2]=&gt;
  string(133) &quot; , `username` = 'ehuseynov', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 1, `single_factor` = 0, `restrict_key_change` = 1&quot;
  [3]=&gt;
  string(3) &quot;235&quot;
}
</pre></td></tr><tr><td>01-11-2021 16:12:38 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;235&quot;
}
</pre></td></tr><tr><td>01-11-2021 16:12:33 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(9) &quot;ehuseynov&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1635779553)
    [&quot;regtime&quot;]=&gt;
    int(1635779553)
    [&quot;key&quot;]=&gt;
    string(16) &quot;AYC2GW5O2R7PZ3NA&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>01-11-2021 16:11:08 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(76) &quot;UPDATE  `hardwaretokens` SET assignment=''   WHERE `assignment` =  'ehuseynov'&quot;
}
</pre></td></tr><tr><td>01-11-2021 16:11:08 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(71) &quot;DELETE FROM `login_attempts` WHERE `username` LIKE  '%ehuseynov%'&quot;
  [1]=&gt;
  string(9) &quot;ehuseynov&quot;
}
</pre></td></tr><tr><td>01-11-2021 16:11:08 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(47) &quot;DELETE FROM `privacy` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;233&quot;
}
</pre></td></tr><tr><td>01-11-2021 16:11:08 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(45) &quot;DELETE FROM `users` WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(3) &quot;233&quot;
}
</pre></td></tr><tr><td>01-11-2021 16:10:34 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 16:10:34 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 16:10:34 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2541) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = 'dbb595ac-ef57-xxxxx',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>01-11-2021 16:10:04 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 16:10:04 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 16:10:04 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2541) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = 'dbb595ac-ef57-xxxxx',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>01-11-2021 16:08:39 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 16:08:39 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 16:08:39 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2541) &quot;UPDATE `settings` SET   `site_name` = 'SWZAMFARADIUS01',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = 'dbb595ac-ef57-xxxxx',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>01-11-2021 14:24:07 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (4) {
  [0]=&gt;
  string(62) &quot;UPDATE `users` SET  `key` = ?s    ?p WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(32) &quot;KTR5FOTRD3RYQIBQA733Q27YV2DLDIEC&quot;
  [2]=&gt;
  string(136) &quot; , `username` = 'maabduljalil', email='' , phone='' , `allow_fido` = 1, `allow_ldap` = 1, `single_factor` = 0, `restrict_key_change` = 0&quot;
  [3]=&gt;
  string(3) &quot;234&quot;
}
</pre></td></tr><tr><td>01-11-2021 14:24:07 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(108) &quot;UPDATE `hardwaretokens` SET assignment='maabduljalil' 	WHERE color LIKE '%KTR5FOTRD3RYQIBQA733Q27YV2DLDIEC%' ;&quot;
}
</pre></td></tr><tr><td>01-11-2021 14:24:07 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(61) &quot;UPDATE `users` SET  `offset` = ?i   WHERE `userid` = ?i&quot;
  [1]=&gt;
  int(0)
  [2]=&gt;
  string(3) &quot;234&quot;
}
</pre></td></tr><tr><td>01-11-2021 14:23:59 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(12) &quot;maabduljalil&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1635773039)
    [&quot;regtime&quot;]=&gt;
    int(1635773039)
    [&quot;key&quot;]=&gt;
    string(16) &quot;U5OMMUEDGAU2QFYU&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>01-11-2021 13:56:56 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 13:56:56 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 13:56:56 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2542) &quot;UPDATE `settings` SET   `site_name` = 'TOTPRadius 0.2.7',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '2',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = 'dbb595ac-ef57-xxxxx',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>01-11-2021 13:56:29 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 13:56:29 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 13:56:29 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2542) &quot;UPDATE `settings` SET   `site_name` = 'TOTPRadius 0.2.7',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '1',  `ldap` = '1',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = 'dbb595ac-ef57-xxxxx',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>01-11-2021 13:51:42 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(32) &quot;INSERT INTO `users` SET ?u&quot;
  [1]=&gt;
  actions logged: (6) {
    [&quot;username&quot;]=&gt;
    string(9) &quot;ehuseynov&quot;
    [&quot;localpassword&quot;]=&gt;
    string(40) &quot;da39a3ee5e6b4b0d3255bfef95601890afd80709&quot;
    [&quot;lastactive&quot;]=&gt;
    int(1635771102)
    [&quot;regtime&quot;]=&gt;
    int(1635771102)
    [&quot;key&quot;]=&gt;
    string(16) &quot;CHPEBSG3D6XRFXKT&quot;
    [&quot;validated&quot;]=&gt;
    int(1)
  }
}
</pre></td></tr><tr><td>01-11-2021 13:49:45 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 13:49:45 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 13:49:45 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2542) &quot;UPDATE `settings` SET   `site_name` = 'TOTPRadius 0.2.7',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'fmprmq81rla',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '1',  `ldap` = '0',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = 'dbb595ac-ef57-xxxxx',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>01-11-2021 11:40:57 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 11:40:57 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 11:40:57 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2542) &quot;UPDATE `settings` SET   `site_name` = 'TOTPRadius 0.2.7',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'hwxa30lqwcr',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '1',  `ldap` = '0',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '0',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '0',  `allow_hwtoken` = '0',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = 'dbb595ac-ef57-xxxxx',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>01-11-2021 11:40:36 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 11:40:36 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 11:40:36 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2542) &quot;UPDATE `settings` SET   `site_name` = 'TOTPRadius 0.2.7',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'hwxa30lqwcr',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '1',  `ldap` = '0',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '1',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = 'dbb595ac-ef57-xxxxx',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>01-11-2021 11:40:00 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 11:40:00 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 11:40:00 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2542) &quot;UPDATE `settings` SET   `site_name` = 'TOTPRadius 0.2.7',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'hwxa30lqwcr',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '1',  `ldap` = '0',  `enforce_2fa` = '1',  `ldap_server` = 'ldaps://swzaaddc01.unicef.org',  `ldap_username_format` = '%username%@unicef.org',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '1',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = 'dbb595ac-ef57-xxxxx',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr><tr><td>01-11-2021 11:38:07 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (3) {
  [0]=&gt;
  string(60) &quot;UPDATE `users` SET `password` = ?s WHERE `userid` = ?i&quot;
  [1]=&gt;
  string(40) &quot;4904cd454f30ffafe9bd7e71e24e983e482f496e&quot;
  [2]=&gt;
  string(1) &quot;1&quot;
}
</pre></td></tr><tr><td>01-11-2021 11:37:33 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_ldap SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 11:37:33 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (1) {
  [0]=&gt;
  string(62) &quot;ALTER TABLE users  ALTER allow_fido SET DEFAULT  1  ;   &quot;
}
</pre></td></tr><tr><td>01-11-2021 11:37:33 </td><td>10.32.133.201</td><td>admin/</td><td><pre>actions logged: (2) {
  [0]=&gt;
  string(4) &quot; ?p &quot;
  [1]=&gt;
  string(2530) &quot;UPDATE `settings` SET   `site_name` = 'TOTPRadius 0.2.7',  `allow_initial_login` = '0',  `register` = '1',  `email_validation` = '0',  `captcha` = '0',  `api_key` = 'twgj3gydbq4',  `allow_http` = '0',  `radius_secret` = 'hwxa30lqwcr',  `netscaler_ip` = '0.0.0.0',  `netscaler_subnet` = '0',  `totp_skew` = '1',  `ldap` = '0',  `enforce_2fa` = '1',  `ldap_server` = 'dc.domain.local',  `ldap_username_format` = '%username%@domain.local',  `ldap_search_string` = '',  `ldap_group_restrict` = '',  `allow_ldap_enrollment` = '1',  `ldap_web_url_redirect` = '',  `allow_ldap_web_enrollment` = '1',  `allow_hwtoken` = '1',  `allow_ldap_per_user_by_default` = '1',  `ldap_intro_text` = 'LDAP Enroll web interface allows enrolling the second factor independently. You can also change your TOTP profile if it is allowed by your administrator and only if using the internal LDAP portal',  `ldap_admins` = '',  `local_passwords` = '0',  `multidomain` = '0',  `multidomain_mapping` = 'MAIN:domain.org;SECOND:local.org',  `default_domain` = 'default.local',  `keep_prefix` = '1',  `allow_fido2_interface` = '1',  `allow_fido_per_user_by_default` = '1',  `fido2_vpn_settings` = '#VPN Connection data\r\nName=PasswordlessMerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `fido2_only` = '0',  `allow_legacy_keys` = '0',  `enable_passwordless` = '1',  `oauth2_interface` = '1',  `oauth2_vpn_settings` = '#VPN Connection data\r\nName=Oauth2MerakiVPN\r\nServerAddress=t2-geneva-zzzwqptqwt.dynamic-m.com\r\nTunnelType=L2tp\r\nL2tpPsk=meraki\r\nAuthenticationMethod=Pap\r\nForce=\r\nWarningAction=SilentlyContinue\r\nRememberCredential:$True=\r\nSplitTunneling:$False=\r\n#If set to Yes then remove the T2VPN file after connecting\r\nremoveT2VPN=yes',  `oauth2_only` = '0',  `oauth2_client_id` = '79455164-96f0-xxx',  `oauth2_tenant_id` = 'dbb595ac-ef57-xxx',  `oauth2_client_secret` = 'st4Qwad.Wr0eSDtS_xxx',  `oauth2_redirect_uri` = 'https://fido2vpn.domain.org/oauth/oauth.php',  `sendgrid_account` = 'SG.api_key_here',  `twilio_account` = 'Twilio.API_key_here',  `hardware_token_restriction` = '1',  `azure_ad_proxy` = '0',  `azure_ad_tenant_id` = 'dbb595ac-ef57-xxxxx',  `azure_ad_client_id` = '79455164-96f0-xxxxx',  `azure_ad_domain` = 'domain.ch',  `ui_language` = 'en' LIMIT 1&quot;
}
</pre></td></tr>
