SSL Certificate Analysis for ticketmaster.com - Security Grade & TLS Configuration

Open Cached · just now

82/100 SECURITY SCORE

Certificate Information

Subject

CN=*.admission.com

Issuer

C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q3

Valid From

August 10, 2025

Valid Until

September 11, 2026 240 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

10:ED:36:95:2E:66:3A:83:C7:5B:64:48:AB:42:C5:AB:52:F3:39:FC:1F:71:B7:08:D3:9B:AA:B8:4F:18:9A:FF

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2

Forward Secrecy

Limited (Check cipher configuration)

Warnings

• TLS 1.3 is not supported (recommended)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=300

Content-Security-Policy

Weak

frame-ancestors

X-Frame-Options

Excellent

Deny

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Significantly strengthen CSP directives
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

ticketmaster.com *.ticketmaster.com am-static-01.ticketmaster.com checkout.ticketmaster.com mw.ticketmaster.com preprod1-am.ticketmaster.com stg1-am.ticketmaster.com admin.preprod-verifiedfan.ticketmaster.com admin.verifiedfan.ticketmaster.com stage.checkout.ticketmaster.com www.verifiedfan.ticketmaster.com

Other domains in certificate

*.admission.com

*.biletix.com

*.livenation.co.il

*.livenation.co.th

*.livenation.com.tw

*.comedystopcopenhagen.dk

identity.eventinventory.com

*.livenation.ae

fr.livenation.be nl.livenation.be

*.livenation.cn

*.livenation.co.jp

*.livenation.co.nz

*.livenation.co.uk

*.livenation.co.za

concerts.livenation.com verifiedfan.livenation.com

*.livenation.com.au

*.livenation.cz

*.livenation.de

*.livenation.dk

*.livenation.ee

*.livenation.es

*.livenation.fi

*.livenation.fr

*.livenation.hk

*.livenation.hu

*.livenation.it

*.livenation.kr

*.livenation.lt

*.livenation.nl

*.livenation.no

*.livenation.pl

*.livenation.qa

*.livenation.se

*.livenation.sg

*.livenationinternational.com

am-prod-client-files.ppub-tmaws.io am-static-02.ppub-tmaws.io am-static-03.ppub-tmaws.io am-static-04.ppub-tmaws.io am-stg-client-files.ppub-tmaws.io am-stg-common-content.ppub-tmaws.io common-widgets.ppub-tmaws.io stg-common-widgets.ppub-tmaws.io

buy.taylorswifttix.com

*.ticketmaster.at

*.ticketmaster.be

ticketmaster.ca *.ticketmaster.ca verifiedfan.ticketmaster.ca

*.ticketmaster.ch

identity.ticketmaster.co.nz m.ticketmaster.co.nz ticketmaster.co.nz *.ticketmaster.co.nz verifiedfan.ticketmaster.co.nz

identity.ticketmaster.co.uk ticketmaster.co.uk verifiedfan.ticketmaster.co.uk

embed.ticketmaster.com.au harrypotter.ticketmaster.com.au identity.ticketmaster.com.au m.ticketmaster.com.au *.ticketmaster.com.au verifiedfan.ticketmaster.com.au

identity.ticketmaster.com.mx m.ticketmaster.com.mx

*.ticketmaster.cz

*.ticketmaster.de

*.ticketmaster.dk

*.ticketmaster.es

*.ticketmaster.fi

*.ticketmaster.fr

identity.ticketmaster.ie ticketmaster.ie verifiedfan.ticketmaster.ie

*.ticketmaster.it

embed-au-alpha.ticketmaster.net embed-au-int.ticketmaster.net int-checkout.ticketmaster.net micro-au.ticketmaster.net

*.ticketmaster.nl

*.ticketmaster.no

*.ticketmaster.pl

*.ticketmaster.se

*.ticketweb.co.uk

*.lne.nonprod.public.tmaws.eu

*.tmol.co