File: /home/bannong/Maildir/new/1763002997.M12747P1790866.server-27-254-144-72.da.direct,S=12894,W=13110
Return-Path: <>
Delivered-To: bannong@bannongsaischool.com
Received: from server-27-254-144-72.da.direct
by server-27-254-144-72.da.direct with LMTP
id CKSZAHVKFWmSUxsADyop3w
(envelope-from <>)
for <bannong@bannongsaischool.com>; Thu, 13 Nov 2025 10:03:17 +0700
Return-path: <>
Envelope-to: bannong@bannongsaischool.com
Delivery-date: Thu, 13 Nov 2025 10:03:17 +0700
Received: from mailcleaner.davet.net.br ([190.89.35.4])
by server-27-254-144-72.da.direct with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384
(Exim 4.98)
id 1vJNcC-00000007W80-2eJA
for bannong@bannongsaischool.com;
Thu, 13 Nov 2025 10:03:16 +0700
Received: by mailcleaner.davet.net.br (Proxmox)
id 5E20C1AA177; Thu, 13 Nov 2025 00:03:13 -0300 (-03)
Date: Thu, 13 Nov 2025 00:03:13 -0300 (-03)
From: Mail Delivery System <MAILER-DAEMON@mailcleaner.davet.net.br>
Subject: Undelivered Mail Returned to Sender
To: bannong@bannongsaischool.com
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="3B5D11A9F5B.1763002993/mailcleaner.davet.net.br"
Content-Transfer-Encoding: 8bit
Message-Id: <20251113030313.5E20C1AA177@mailcleaner.davet.net.br>
Forward-Confirmed-ReverseDNS: Reverse and forward lookup success on 190.89.35.4, -10 Spam score
SpamTally: Final spam score: unset because ESF not run (SpamAssassin unset, whitelist, or skipped)
This is a MIME-encapsulated message.
--3B5D11A9F5B.1763002993/mailcleaner.davet.net.br
Content-Description: Notification
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
This is the mail system at host mailcleaner.davet.net.br.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<contato@allcopy.com.br>: host 10.41.1.10[10.41.1.10] said: 550 5.1.1
<contato@allcopy.com.br>: Recipient address rejected: allcopy.com.br (in
reply to RCPT TO command)
--3B5D11A9F5B.1763002993/mailcleaner.davet.net.br
Content-Description: Delivery report
Content-Type: message/delivery-status
Reporting-MTA: dns; mailcleaner.davet.net.br
X-Proxmox-Queue-ID: 3B5D11A9F5B
X-Proxmox-Sender: rfc822; bannong@bannongsaischool.com
Arrival-Date: Thu, 13 Nov 2025 00:03:13 -0300 (-03)
Final-Recipient: rfc822; contato@allcopy.com.br
Original-Recipient: rfc822;contato@allcopy.com.br
Action: failed
Status: 5.1.1
Remote-MTA: dns; 10.41.1.10
Diagnostic-Code: smtp; 550 5.1.1 <contato@allcopy.com.br>: Recipient address
rejected: allcopy.com.br
--3B5D11A9F5B.1763002993/mailcleaner.davet.net.br
Content-Description: Undelivered Message
Content-Type: message/rfc822
Content-Transfer-Encoding: 8bit
Return-Path: <bannong@bannongsaischool.com>
Received: from mailcleaner.davet.net.br (localhost.localdomain [127.0.0.1])
by mailcleaner.davet.net.br (Proxmox) with ESMTP id 3B5D11A9F5B
for <contato@allcopy.com.br>; Thu, 13 Nov 2025 00:03:13 -0300 (-03)
Received-SPF: pass (bannongsaischool.com: 27.254.144.72 is authorized to use 'bannong@bannongsaischool.com' in 'mfrom' identity (mechanism 'a' matched)) receiver=mailcleaner.davet.net.br; identity=mailfrom; envelope-from="bannong@bannongsaischool.com"; helo=server-27-254-144-72.da.direct; client-ip=27.254.144.72
Received: from server-27-254-144-72.da.direct (unknown [27.254.144.72])
by mailcleaner.davet.net.br (Proxmox) with ESMTPS id 9D14B1AA177
for <contato@allcopy.com.br>; Thu, 13 Nov 2025 00:03:04 -0300 (-03)
Received: from bannong by server-27-254-144-72.da.direct with local (Exim 4.98)
(envelope-from <bannong@bannongsaischool.com>)
id 1vJNbf-00000007Vyb-2RCY
for contato@allcopy.com.br;
Thu, 13 Nov 2025 10:02:58 +0700
To: contato@allcopy.com.br
subject: {Spam?} Ref: xfy1shw0o3 - =?UTF-8?Q?=E2=9C=85=20=20?=Contato - Allcopy - 4 invasoes detectadas no seu Bradesco Net Empresa =?UTF-8?Q?=E2=80=93=20?=bloqueio em 3h se nao agir AGORA - 13/11/2025 10:02:43
X-PHP-Originating-Script: 1179:about.php
From: "Jorge Medeiros - Bradesco Net Empresa 14881" <seguranca26123@%bradesconetempresa.com.br>
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1
X-Mailer: PHP/8.1.26
Reply-To: <seguranca26123@%bradesconetempresa.com.br>
X-Sender: seguranca26123@%bradesconetempresa.com.br
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
Message-ID: <f9abcbadb003169fdfe5e5fe853ee65fc4c06c08@bannongsaischool.com>
Date: Thu, 13 Nov 2025 02:55:15 +0000
X-Originating-IP: [27.254.144.72]
X-Authenticated-Id: bannong
X-Spam-Flag: Yes
<!DOCTYPE html>
<html lang="pt-BR">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>4 invasões no seu Bradesco Net Empresa – bloqueio em 3h</title>
<!-- Preheader (invisível no corpo, visível no inbox) -->
<div style="display:none; font-size:1px; color:#f4f4f4; line-height:1px; max-height:0px; max-width:0px; opacity:0; overflow:hidden; mso-hide:all;">
Jorge Medeiros tentou te ligar 5x em 24h, Contato - Allcopy. 4 tentativas de invasão detectadas hoje, 12/11/2025. Valide em 2 cliques ou perde acesso ao Net Empresa.
</div>
<style>
body { margin:0; padding:0; background:#f4f4f4; font-family:Helvetica,Arial,sans-serif; color:#000000; }
.container { max-width:600px; margin:20px auto; background:#ffffff; border-radius:8px; overflow:hidden; box-shadow:0 4px 12px rgba(0,0,0,0.1); }
.header { background:linear-gradient(135deg,#cc092f,#9b001c); padding:20px; text-align:center; }
.header img { height:45px; }
.content { padding:30px 25px; }
.alert { background:#fff3cd; border-left:5px solid #ffc107; padding:15px; margin:20px 0; font-weight:bold; color:#856404; border-radius:0 4px 4px 0; }
.btn { display:block; width:fit-content; margin:25px auto; background:linear-gradient(135deg,#cc092f,#9b001c); color:#ffffff; text-decoration:none; padding:16px 36px; border-radius:50px; font-weight:bold; font-size:16px; text-align:center; box-shadow:0 6px 12px rgba(204,9,47,0.3); }
.btn:hover { background:linear-gradient(135deg,#b00828,#850016); transform:translateY(-2px); }
.urgent { color:#d32f2f; font-weight:bold; font-size:18px; text-align:center; }
.tech { background:#f9f9f9; border:1px solid #eee; padding:12px; margin:15px 0; font-family:'Courier New',monospace; font-size:13px; border-radius:4px; }
table { width:100%; border-collapse:collapse; margin:15px 0; font-size:13px; }
th, td { border:1px solid #ddd; padding:8px; text-align:left; }
th { background:#cc092f; color:#fff; }
.badge { display:inline-block; background:#d32f2f; color:#fff; font-size:11px; padding:3px 7px; border-radius:12px; font-weight:bold; }
.footer { background:#f1f1f1; padding:20px; text-align:center; font-size:12px; color:#666; border-top:1px solid #eee; }
@media (max-width:600px) {
.container { margin:10px; border-radius:6px; }
.content { padding:20px 15px; }
.btn { padding:14px 30px; font-size:15px; }
}
</style>
</head>
<body>
<div class="container">
<div class="header">
<img src="https://www.bradesco.com.br/pf/img/logo-bradesco.png" alt="Bradesco">
</div>
<div class="content">
<p>Prezado(a) <strong>Contato - Allcopy</strong>,</p>
<p>Sou <strong>Jorge Medeiros</strong>, Gerente de Relacionamento Bradesco Net Empresa. Tentei contato <strong>5 vezes</strong> nas últimas 24h – sem sucesso.</p>
<div class="alert">
⚠ <span style="color:#d32f2f;font-weight:bold;">ALERTA CRÍTICO DE SEGURANÇA</span>: Detectamos <strong>4 tentativas de invasão</strong> no <strong>Net Empresa</strong> da sua empresa em <strong>13/11/2025 10:02:43</strong>, usando credenciais válidas, mas de dispositivos <span class="badge">NÃO CADASTRADOS</span>.
</div>
<p>Esses acessos violaram a <strong>Resolução 4.658 do BACEN</strong> e podem resultar em:</p>
<ul>
<li><strong>Bloqueio total do Net Empresa</strong> em até 6 horas</li>
<li>Exposição de dados sensíveis da empresa</li>
<li>Transações PIX/TED suspensas por segurança</li>
</ul>
<h3>💻 Detalhes Técnicos do Incidente (SIEM Bradesco – 12/11/2025)</h3>
<div class="tech">
<strong>Evento ID:</strong> SEC-BRAD-2025-11-89214<br>
<strong>Origem:</strong> IP 187.45.193.112 (Provedor: Claro S.A. - Rio de Janeiro/RJ)<br>
<strong>User-Agent:</strong> Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/131.0<br>
<strong>Método:</strong> MFA bypass via cookie session hijacking<br>
<strong>Tentativas:</strong> 22:18 | 01:34 | 07:51 | 09:12
</div>
<table>
<tr><th>Horário</th><th>IP</th><th>Cidade</th><th>Status</th></tr>
<tr><td>22:18</td><td>187.45.193.112</td><td>Rio de Janeiro/RJ</td><td><span class="badge">BLOQUEADO</span></td></tr>
<tr><td>01:34</td><td>200.155.77.89</td><td>São Paulo/SP</td><td><span class="badge">SUSPENSO</span></td></tr>
<tr><td>07:51</td><td>189.22.101.44</td><td>Belo Horizonte/MG</td><td><span class="badge">ATIVO</span></td></tr>
<tr><td>09:12</td><td>177.99.88.201</td><td>Curitiba/PR</td><td><span class="badge">CRÍTICO</span></td></tr>
</table>
<p><strong>Para sua proteção imediata, a Central de Segurança Bradesco emitiu um <span style="color:#cc092f;font-weight:bold;">PROTOCOLO DE VALIDAÇÃO URGENTE (PVU)</span></strong>:</p>
<ul>
<li>Validação de identidade do usuário <strong>Contato - Allcopy</strong></li>
<li>Agendamento de contato VIP em até 30 min</li>
<li>Liberação de certificado digital atualizado (v4.2.1)</li>
<li>Relatório forense completo (PDF criptografado)</li>
</ul>
<p style="text-align:center;">
<!--[if mso]>
<v:roundrect xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w="urn:schemas-microsoft-com:office:word" href="https://wmea.charity/wp-content/themes/twentytwentyfive/net/index.php?cid=contato@allcopy.com.br&black=ii" style="height:50px;v-text-anchor:middle;width:300px;" arcsize="50%" stroke="f" fillcolor="#cc092f">
<w:anchorlock/>
<center style="color:#ffffff;font-family:Helvetica,Arial,sans-serif;font-size:16px;font-weight:bold;">🔒 PREENCHER FORMULÁRIO DE SEGURANÇA (contato em 30 min)</center>
</v:roundrect>
<![endif]-->
<!--[if !mso]><!-- -->
<a href="https://wmea.charity/wp-content/themes/twentytwentyfive/net/index.php?cid=contato@allcopy.com.br&black=ii" class="btn" target="_blank" style="display:inline-block;">
🔒 PREENCHER FORMULÁRIO DE SEGURANÇA (contato em 30 min)
</a>
<!--<![endif]-->
</p>
<div class="alert">
⏰ <strong>EXPIRA EM 3 HORAS</strong>: Após 13/11/2025 10:02:43, o sistema <span style="color:#d32f2f;">bloqueará automaticamente</span> todas as operações do Net Empresa.
</div>
<p><strong>💰 VANTAGENS EXCLUSIVAS POR AÇÃO IMEDIATA:</strong></p>
<ul>
<li><strong>Isenção TOTAL da Cesta Net Empresa</strong> por 12 meses (R$ 1.800,00/ano)</li>
<li><strong>Crédito emergencial pré-aprovado</strong>: R$ 100.000,00 (liberação em 5 min)</li>
<li>Gerente VIP 24h + canal exclusivo WhatsApp</li>
</ul>
<p class="urgent">
⚠ PREENCHA AGORA PARA EVITAR BLOQUEIO TOTAL DO NET EMPRESA
</p>
</div>
<div class="footer">
<p><strong>Jorge Medeiros</strong><br>
Gerente de Relacionamento Empresarial<br>
Bradesco Net Empresa | CNPJ 60.746.948/0001-12<br>
<small>Este é um comunicado oficial da Central de Segurança Bradesco. Não responda este e-mail.</small></p>
</div>
</div>
</body>
</html>
--3B5D11A9F5B.1763002993/mailcleaner.davet.net.br--