# ONEA - Office National de l'Eau et de l'Assainissement **Sector:** Water & Sanitation **Date:** 2026-03-03 **Source:** THOT Domain Intel + Manual Recon ## Domains | Domain | Status | |--------|--------| | `onea.bf` | UP (Cloudflare challenge page) | | `eauburkina.com` | UP | ## Hosting & Infrastructure - **IP:** 66.235.200.145 (United States — Bluehost behind Cloudflare) - **Server:** Cloudflare (CDN/WAF) - **WHOIS Registrar:** IKA SOLUTION (infos@ikasolution.bf, youattara@ikasolution.bf) - **WHOIS ALERT: Domain EXPIRED** — Registry Expiry: 2025-05-17 (still resolving but expired!) ## Tech Stack — onea.bf ### CMS / Framework - **WordPress** (block editor confirmed) - **Jetpack** plugin (sharing, forms, subscriptions) - **Wonder Blocks / NFD theme framework** (custom utility CSS) - **Cloudflare protection** — returns 403 "Just a moment..." challenge ### Frontend - Custom mobile resize event listener (Android/iOS detection) - **Reveal Slider** (rs-plugin-settings) for hero/banner - Lazy loading via `wp-img-auto-sizes` - Responsive grid, mobile-first - WooCommerce integration detected (product blocks, cart) ### Analytics - No explicit Google Analytics detected ## Tech Stack — eauburkina.com ### CMS / Framework - **Joomla** CMS - **JSN Gruve Pro** template ### Frontend / JavaScript - jQuery, SqueezeBox, Skitter, Bootstrap Tooltip - Dev reference to `http://localhost/eauburkina` — local dev artifacts in production ## DNS Records (8 found) ## Subdomains (12 found via brute-force) - `www.onea.bf` - `staging.onea.bf` — **staging environment** - `mail.onea.bf` — mail server - `autodiscover.onea.bf` — Exchange autodiscover - `webmail.onea.bf` — webmail interface - Additional infrastructure subdomains ## Emails Discovered - `infos@ikasolution.bf` (WHOIS — IKA SOLUTION registrar) - `youattara@ikasolution.bf` (WHOIS — personal name, likely IT contact) - 0 breaches found on either email ## Interesting Findings - **DOMAIN EXPIRED** (2025-05-17) but still resolving — potential domain hijack risk - If ONEA doesn't renew, anyone could register the national water utility's domain - **Cloudflare protection** — ONLY government-related site with any WAF/CDN - But returns 403 challenge to automated tools - **staging.onea.bf exposed** — staging environment publicly resolvable - **Two completely different sites** on different CMS (WordPress vs Joomla) — fragmented IT - **IKA SOLUTION** manages the domain (Burkinabè IT company) - **youattara@ikasolution.bf** — personal contact, likely Youssouf Attara or similar ## Security Notes - Cloudflare CDN = best protected infrastructure of all BF gov sites - But expired domain is a critical risk - staging environment should not be publicly accessible - eauburkina.com has dev artifacts (localhost references) ## TODO - [ ] Check staging.onea.bf for exposed dev content - [ ] Verify domain expiry status — is it actually at risk? - [ ] Joomla version on eauburkina.com - [ ] WordPress version on onea.bf - [ ] Check /wp-admin, /administrator - [ ] Investigate IKA SOLUTION (ikasolution.bf)