# SONABEL - Société Nationale d'Électricité du Burkina Faso
**Sector:** Energy (National Electricity)
**Date:** 2026-03-03
**Source:** THOT Domain Intel + Manual Recon

## Domains
| Domain | Status |
|--------|--------|
| `sonabel.bf` | UP (geo-blocked from US, alive on African network) |
| `sonabel.net` | UNKNOWN |

## Hosting & Infrastructure
- **IP:** 102.211.121.6 (African IP range)
- **Runs own DNS servers:** dns1.sonabel.bf, dns2.sonabel.bf, dns3.sonabel.bf, dns4.sonabel.bf
- **WHOIS Registrar:** CVP (brice.s@cvp.bf admin contact)
- **Email:** Microsoft 365 (MX records confirm M365)

## DNS Records (12 found)
- A, NS (custom nameservers), MX (M365), TXT (SPF)
- Running own authoritative DNS = self-hosted infrastructure

## Subdomains (7 found via brute-force)
- `www.sonabel.bf`
- `www3.sonabel.bf` — secondary/staging web server
- `dt.sonabel.bf` — internal system (DT = data/technical?)
- `dns1.sonabel.bf` through `dns4.sonabel.bf` — authoritative nameservers
- `mail.sonabel.bf` — mail server (from crt.sh harvest)

## Interesting Findings
- **Self-hosted DNS infrastructure** — running 4 nameservers means they manage their own DNS, not outsourced
- **www3 subdomain** — suggests multiple web server instances or load balancing
- **dt subdomain** — likely internal technical/operations system
- **Domain is alive** per THOT intel (African IP 102.211.121.6) despite being unreachable from the US, which confirms either geo-blocking or a network routing issue
- **CVP registrar** with admin contact brice.s@cvp.bf — CVP appears to be a local Burkina Faso web/hosting company
- **M365 email** — using Microsoft cloud for email despite self-hosted DNS

## Security Notes
- IP is in African address space — likely hosted in-country or regionally
- Running own DNS = more attack surface but also more control
- 4 DNS servers for redundancy is good practice

## TODO
- [ ] Retry from West African VPN to confirm site content
- [ ] Enumerate dt.sonabel.bf and www3.sonabel.bf
- [ ] Check M365 tenant configuration
- [ ] WHOIS full dump on CVP registrar relationship
- [ ] Shodan/Censys on 102.211.121.6
