API & MCP

Spectra

Audit HTTP security headers, detect misconfigurations, analyze cookies and CORS policy for any website.

As of July 2026, Spectra has users in the Developer Tools category.

Usersno change0%
Ratingno change0%
— reviews
Reviewsno change0%
Version
1.0.0
Manifest V3

History

1 snapshots

Tracking since Jul 10, 2026.

Not enough history yet for this metric — the chart fills in as we collect more snapshots.
View as table
DateUsersRatingReviewsVersion
Jul 10, 20261.0.0
Now1.0.0

Permissions & access

Permissions
webRequesttabsstoragecookies
Host access
<all_urls>

Screenshots

Spectra screenshot 1Spectra screenshot 2Spectra screenshot 3Spectra screenshot 4

About

Spectra - HTTP Security Header Auditor

Most websites are quietly misconfigured and nobody notices until something goes wrong. Spectra changes that. Open it on any page and you will instantly know how secure that site is, what is missing, and exactly what to do about it. No setup, no accounts, just open it and go.

WHAT SPECTRA DOES

Every website sends hidden instructions to your browser when it loads. These instructions, called security headers, tell the browser how to protect you from attacks. Most websites either skip them entirely or set them up incorrectly. Spectra reads those instructions and gives you a clear report in seconds so you know exactly where the risks are.

FREE FEATURES

• Checks 9 of the most important security headers and grades the page from A to F
• Shows a score for each header so you know which missing ones are the biggest risk
• Explains every header in plain English, no security background needed
• Gives you ready-to-use code fixes for Nginx, Apache, Express.js, and Next.js so you can resolve issues without Googling
• Detects old outdated headers that browsers no longer support and flags them for removal
• Catches headers that accidentally reveal what software the website is running, which is information attackers love to have
• Checks if the site is on the HSTS preload list, a browser-level protection for HTTPS sites
• Dark mode support
• A simple on and off toggle if you want to pause Spectra on certain pages

PRO FEATURES (one-time purchase, no subscription)

• CORS analysis: checks how the website handles requests from other websites. A misconfigured CORS policy is one of the most common ways user data gets exposed without anyone realising
• Cookie security audit: checks every cookie the site sets to make sure it is protected against common attacks like session hijacking and cross-site scripting
• Bulk scanner: paste in a list of websites and scan them all at once, great for checking your whole product before a release
• PDF export: generates a full report with grades, findings, and fix recommendations that you can share with your team or attach to a ticket

PRIVACY

Spectra works entirely inside your browser. It reads the same information that any browser sees when loading a page. Nothing you visit is tracked, recorded, or sent anywhere. The only external requests Spectra makes are a periodic check to verify your license and a one-time lookup to confirm HSTS status. Your browsing stays yours.

WHO IT IS FOR

• Developers who want to know if their site is actually secure before it goes live
• Security teams auditing websites as part of their work
• Business owners who want a second opinion on whether their website is putting users at risk
• Anyone curious about what is really going on under the hood of the websites they use every day

NOTE:
• Pro features require a one-time purchase made through the Spectra website. Pay once and keep it forever, no subscription. Spectra is not affiliated with Google.
• Payment is currently processed in Indian Rupees (INR). International cards (Visa, Mastercard) are accepted by the payment processor but the charge will appear in INR.

Technical

Version
1.0.0
Manifest
V3
Size
64.23KiB
Min Chrome
88
Languages
1
Featured
No

Metadata

ID
gbppionnhpagnkihaijlklbfdfnagblf
Developer ID
u4ea9e6dedec5ebe982fbc35ca63c9c4f
Developer Email
[email protected]
Created
Jul 9, 2026
Last Updated (Store)
Jul 9, 2026
Last Scraped
Jul 10, 2026
Website

Data sourced from the Chrome Web Store · last verified Jul 10, 2026.