HAR.

12 HAR captures analyzed for perf + privacy leaks. 4 contain auth tokens in plaintext request headers. 2 leak PII in URL query strings logged by CDNs.

A HAR file you sent to support is a HAR file your auditor will eventually read.

HA-008 · support-ticket-2031.har TOKEN LEAK

Bearer token in 14 requests. Customer email in 6 query strings.

Redact HAR before sharing, rotate exposed token, audit log.