Does babechat.ai redirect HTTP to HTTPS?

Yes. babechat.ai redirects HTTP requests to HTTPS, so users and search engines land on the secure URL.

Is HTTPS working for babechat.ai?

Yes. babechat.ai is reachable over HTTPS and the connection is encrypted.

What is the SSL grade for babechat.ai?

babechat.ai has SSL grade B+ (Good). Certificate is valid.

What security headers does babechat.ai send?

babechat.ai sends 0 of 6 recommended security headers (e.g. HSTS, CSP, X-Frame-Options). The report lists which are present and recommends adding missing ones.

What is the redirect chain?

For babechat.ai, the redirect chain is: http://babechat.ai → https://babechat.ai/. Shorter chains are faster and better for SEO.

HTTPS Checker

Security Tool

HTTPS, SSL & Security Report for babechat.ai

This report summarizes how well babechat.ai is configured for secure web delivery. It covers HTTPS availability, HTTP→HTTPS redirects, TLS/SSL certificate validity, security headers, HTTP/2 and HTTP/3 support, and mixed content. Use it to quickly spot configuration gaps and improve your site's security and trust.

Partially secureScore80/100Last checked: 26 Jun 2026 at 19:04 UTC

HTTPS

Enabled

HTTP → HTTPS

Yes

TLS

B+ · 1.2, 1.3

Security headers

0/6

Detailed checks

HTTPS availability

The site is reachable over HTTPS.

Why it matters: HTTPS encrypts traffic and protects user data.

HTTP to HTTPS redirect

Requests to HTTP are redirected to HTTPS.

TLS & CertificateB+

Valid	Yes
Issuer	C=US, O=Google Trust Services, CN=WE1
Expires	2026-09-19
Days until expiry	84 days

Why it matters: A valid, non-expired certificate ensures encryption is trusted by browsers.

To improve your grade

•Improve: HSTS Enabled (+5 pts).
•Improve: Security Headers (+5 pts).
•Improve: Modern TLS (no 1.0/1.1) (+10 pts).
•Reach 85+ points for A- (currently 80).

Get a weekly security report for this domain

We'll check SSL grade, HTTPS, redirects, and security headers weekly. Email only when something changes.

Grade breakdown4 things to improve for a higher grade →

80/100 pts

HTTPS Connection

+25/25

HTTP to HTTPS Redirect

+20/20

Valid SSL Certificate

+20/20

Certificate Not Expiring Soon

+10/10

Short Redirect Chain

+5/5

HSTS Enabled

+0/5

Security Headers

+0/5

Requires 4 of 6 headers and Content-Security-Policy (CSP).

Modern TLS (no 1.0/1.1)

+0/10

To improve your grade

•Improve: HSTS Enabled (+5 pts).
•Improve: Security Headers (+5 pts).
•Improve: Modern TLS (no 1.0/1.1) (+10 pts).
•Reach 85+ points for A- (currently 80).

Security headers0/6

HSTS
CSP
X-Frame-Options
X-Content-Type-Options
Referrer-Policy
Permissions-Policy

Score: 0 of 6 headers present. For the grade factor (5 pts), 4+ headers and Content-Security-Policy (CSP) are both required.

Cache-Control includes no-store on the HTML response. Browsers will not cache the document; ETag and conditional requests (304) are effectively disabled. Often intentional for authenticated pages; for public pages consider private with max-age or removing no-store if you want HTTP caching.

HSTS (HTTP Strict Transport Security)Disabled

EnabledNo

Submit or verify on hstspreload.org

Why it matters: HSTS tells browsers to use only HTTPS for this site. Preload allows inclusion in browsers’ built-in HSTS lists.

We check Chromium’s built-in list. hstspreload.org checks eligibility for submission (HSTS header, redirect chain). Results may differ for domains that are preloaded but no longer meet current eligibility rules.

HTTP/2

Negotiated (ALPN h2)

ALPN: h2

HTTP/3 (QUIC)

Advertised + confirmed

Alt-Svc: h3=":443"; ma=86400

Active QUIC negotiation succeeded (curl --http3).

DNS Security

CAA: Configured · DNSSEC: Not signedExpand

CAAConfigured

Allowed issuers: letsencrypt.org, digicert.com, pki.goog, comodoca.com, amazon.com, ssl.com

DNSSEC

Not signed

Mixed content

None detected

No HTTP resources were detected on the HTTPS page.

Redirect chain247ms total

When you visit the site over HTTP, the server may send you through one or more redirects until you land on the final HTTPS URL. Shorter chains are faster and better for SEO.

1.http://babechat.ai17ms
2.https://babechat.ai/230ms

Recommendations for babechat.ai

Based on this scan, here are the 2 next steps that would most improve security and SEO for babechat.ai.

Enable HSTS (Strict-Transport-Security)
Recommended
babechat.ai does not send the Strict-Transport-Security header. Without it, returning visitors can still be downgraded to HTTP by an attacker on the network. One header makes browsers always use HTTPS.
Security headers guide HSTS preload guide
Add 6 missing security headers
Recommended
babechat.ai sends 0 of 6 recommended security headers — missing: HSTS, CSP, X-Frame-Options…. Most take one line of server config and protect against clickjacking, MIME sniffing and data leaks.
How to set security headers What each header does

Show this badge on your site

Let your visitors know your SSL setup is verified. The badge always shows your current grade and links to this report. Paste the snippet into your site footer:

← live preview, updates automatically

<a href="https://httpsornot.com/report/babechat.ai?utm_source=badge" target="_blank" rel="noopener">
  <img src="https://httpsornot.com/badge/babechat.ai.svg" alt="SSL grade for babechat.ai — checked by HTTPS Checker" height="20" loading="lazy" />
</a>

Domain owner? If you want this report removed or made private, contact us.

Check another domain