[Eco Bounty] “Subscribe” Button Redirects to Different Domain


Target: https://iotexscan.io
Feature: Subscribe Button (Footer Section)
Category: Functional / UX / Link Misconfiguration
Severity: Medium


Summary

The “Subscribe” button on IoTeXScan redirects users to a completely different domain (https://iotex.io/#subscribe) instead of handling subscription directly within iotexscan.io.
This unexpected navigation may confuse users and breaks UX consistency between IoTeX platforms.


Steps to Reproduce

  1. Go to https://iotexscan.io.

  2. Scroll to the bottom section of the page.

  3. Click the “Subscribe” button.


Expected Result

Clicking “Subscribe” should either:

  • Open an in-page subscription form, or

  • Stay within the iotexscan.io domain to handle the action internally.


Actual Result

The button redirects to another site:

https://iotex.io/#subscribe
This behavior breaks continuity and could be perceived as a potential phishing or misconfiguration issue.


Impact

  • Users might lose trust due to an unexpected domain change.

  • Breaks user flow and may result in lower subscription conversion.

  • Security scanners or bug bounty reviewers might flag cross-domain redirection as unsafe if not documented.


Proof of Concept

URL: https://iotexscan.io
Redirects to: https://iotex.io/#subscribe

Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren

Device & Environment:

- Operating system: Windows 11 Pro

- Device model: A520MHP


Status: Completed
Board: New Issue
Date: 4 months ago
Author: cryptotestnet
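
A triage check for the behaviour reported above, added here as an example and not part of the original report or of any IoTeX code: it sorts footer link targets into same-origin, documented first-party, and undocumented external, so a fixed link to a sibling domain can be told apart from an unexpected one. The allowlist, the function names and every sample link except the reported Subscribe target are assumptions made for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumed for this example: the audited page and the documented sibling domains.
PAGE_URL = "https://iotexscan.io/"
DOCUMENTED_DOMAINS = {"iotex.io"}
DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed footer markup; only the Subscribe target is taken from the report.
SAMPLE_FOOTER = """
<footer>
  <a href="/tx">Transactions (constructed)</a>
  <a href="https://iotex.io/#subscribe">Subscribe</a>
  <a href="https://iotex.io.example.net/#subscribe">Lookalike host (constructed)</a>
  <a href="//cdn.example.org/app">Protocol-relative (constructed)</a>
  <a href="javascript:void(0)">Script link (constructed)</a>
</footer>
"""

class AnchorCollector(HTMLParser):
    # Collects the raw href value of every <a> element.
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href is not None:
            self.hrefs.append(href)

def origin(parts):
    # Scheme, lower-cased host and effective port, so ":443" equals the default.
    host = (parts.hostname or "").lower().rstrip(".")
    return parts.scheme, host, parts.port or DEFAULT_PORTS.get(parts.scheme)

def classify(href, page_url=PAGE_URL, documented=DOCUMENTED_DOMAINS):
    target = urlsplit(urljoin(page_url, href.strip()))
    if target.scheme not in DEFAULT_PORTS:
        return "non-http"
    if origin(target) == origin(urlsplit(page_url)):
        return "same-origin"
    host = origin(target)[1]
    # Compare on a label boundary: "iotex.io.example.net" must not match "iotex.io".
    if target.scheme == "https" and any(host == d or host.endswith("." + d) for d in documented):
        return "documented-first-party"
    return "undocumented-external"

def audit(html):
    parser = AnchorCollector()
    parser.feed(html)
    return [(href, classify(href)) for href in parser.hrefs]
```
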