Spirit Airlines' Abandoned Azure Booking APIs and Exposed Phishing Domains
braydenbte.substack.com Excluding Linux clients, as they are likely crawling bots…
Should I put Windows or OS X in my user agent?
When I heard about Spirit's liquidation today, I dug into their web infrastructure. After discovering that their entire booking flow and Azure API was left exactly as it was before their announcement, I grabbed 3 obvious phishing domains for $11.48 each to block malicious actors.
It's like they didn't even consult an LLM on how to perform an orderly shutdown! Thanks for the interesting read, I'd be a bit paranoid registering those domains though you seem to have benign intentions.
To be fair, if I’m working for a company that just went bust, I’m already an unsecured creditor who is probably facing a long battle to be paid what I’m already owed.
I’m sure as hell not going a hang around for free to do an orderly shutdown of their IT infrastructure.
That's exactly why I don't blame their IT team at all. Truthfully, the reason this story intrigued me was just how little preparation the higher-ups made beforehand. For a company that's been in a bankruptcy case since Aug 2025, you'd think they'd have made some preparations for the worst.
Truthfully, I just felt that those three domains were way too predictable to leave open, especially if I wrote about them. I have documented that I have done nothing but redirect to their own site, though it might still be a risk.