CNET, ZDNET, PCMAG links not using HTTPS

Topic

New Reply

I recently realized, after changing my Chrome settings to “Always use secure connections” that links in CNET, ZDNET and PCMAG newsletters do NOT use HTTPS only HTTP. These are the sites that strongly urge us all take secure steps while browsing the internet. Looks like I’m going to have to cancel my subscription to these 3 newsletters. Unbelievable.

Reply | Quote

Replies

If you use an AV could be the antivirus SW is interfering with your chrome security settings. https://support.google.com/chrome/answer/6098869?hl=en

You can also try using another browser.

MacOS iPadOS and sometimes SOS

Reply | Quote

WSoldgeek42 wrote:

links in CNET, ZDNET and PCMAG newsletters do NOT use HTTPS only HTTP.

All of these sites use HTTPS with my Chrome.
Check your A/V’s web scanning settings.

Reply | Quote

WSoldgeek42 wrote:

“Always use secure connections”

= change http requests to https requests.
If you visit one of these links, what do you see?

Reply | Quote

All of those sites use https in all my browsers, including Internet Explorer 11.

In fact, if I “deliberately” enter one of the site addresses using http://, their site automatically redirects me to their https:// page instead.

I.e. if I enter http://www.zdnet.com/topic/ the page that shows up in my browsers is actually https://www.zdnet.com/topic/

BTW, the auto-redirect of http to https is a function of the server settings on their end of the connection, not the settings in your browser.

If it’s not working for you, then “something” is interfering with it.

I’d suggest you clear your browsers cache and try again.

1 user thanked author for this post.

b

Reply | Quote

Thanks for all the responses. I should add this only happens in emails received from CNET, etc. I am using the New Outlook for the MAC on a Apple M1 desktop running Sonoma. Chrome is up-to-date – Version 121.0.6167.139 (Official Build) (arm64). The message I receive is below.

The connection to url9974.online.zdnet.com is not secure

You are seeing this warning because this site does not support HTTPS. Learn more

Likewise, Firefox on my MAC, also rejects these sites because they are not HTTPS. But Safari converts the HTTP to HTTPS and opens the link.

Here is the 1st few lines from the URL as it appears in the email –

http://url9974.online.zdnet.com/ls/click?upn=YRD6WvOCYBI3oZzU3TyjPRiJrwIahHD5XizjoupAoEouJFHUrAw7fR848GgHXy4WwiQ7nf8e1GAdmNj-2BTk3UA-

If I turn off “secure connection” in Chrome then the problem goes away which is counter productive to being secure.

The only AVs I’m using are MS Defender (for the MAC) and Malwarebytes.

Any thoughts? Thanks.

 

 

 

Reply | Quote

Just checked and, while url9974.online.zdnet.com does belong to ZDNet, it uses a completely different IP address than their actual site.

zdnet.com = 34.149.132.124 — url9974.online.zdnet.com = 167.89.123.54

The fact there’s some special code after the actual URL indicates you’re being sent thru a special “tracking site” that records the fact you clicked the link in the e-mail they sent; plus whatever other data they’re gathering from the incoming link (i.e. browser, OS, date & time, geolocation, etc.)

The fact that site doesn’t auto-redirect to ZDNet’s secure https site indicates there’s a problem with how SSL is set up on the url9974 site.

Not sure if it’d help at all, but I’d suggest contacting ZDNet customer service and lodge a complaint as a “paying member” about the fact their e-mail links aren’t using SSL (i.e. https) so at least they’ll know there’s a issue they need to fix.

BTW, this most likely what’s also happening with the links for the other sites (i.e. the link in the e-mail you’re sent is coded so it sends you thru special “tracking site”, so they can record data about you when you click it, and the site it goes thru isn’t properly setup to handle auto-redirecting to their secure https site.)

4 users thanked author for this post.

Myst, TechTango, WSoldgeek42, b

Reply | Quote

Sounds reasonable nOads. I will follow up with each of the sites over possible insidious tracking practices.

I ran another test – I fired up my Windows machine running Win 10 and when I set “Always Use Secure Connection” on in Chrome the URL’s from CNET, ZDNET & PCMAG were blocked. So this is not something that is unique to the MAC or New Outlook for the MAC. PITA.

Reply | Quote