Although Blossom plan stil can't be SSL encrypted (which is insane in 2019 - why not allow us to pay for the certificate or bring our own?), the {ticket.url} tag in returns the url with https as protocol, resulting in alarming messages when the customer opens the link.
It should be http for non-encrypted subdomains.