Be careful with Browser Trace (HAR) Files

As mentioned in this post about doing Browser Tracing, one can use a HAR viewer. Also noted, one should be diligent about scrubbing sensitive data from any kind of browser trace (HAR or Playwright).

Microsoft has done a nice write-up on the secure way to do browser tracing over on LinkedIn.

The reason this post was made is that authentication company Okta had a support agent get owned and the threat actor was able to use HAR files to get to active Admin Tokens. Yikes.

5 Likes
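An added example, not part of the original post or of the Microsoft write-up: a minimal scrubber for HAR 1.2 files that redacts credential-bearing headers, all cookie values, sensitive query parameters and request/response bodies before a trace is shared. The deny-lists, function names and sample capture are assumptions made for this illustration.

```python
import copy
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

REDACTED = "REDACTED"
# Assumed deny-lists for this example; extend them for your own applications.
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie", "set-cookie", "x-api-key"}
SENSITIVE_PARAMS = re.compile(r"token|secret|passw|session|sid|code|key|auth", re.I)

def _scrub_pairs(pairs, is_sensitive):
    """Redact the value of each HAR {name, value} record whose name is sensitive."""
    for pair in pairs or []:
        if is_sensitive(pair.get("name", "")):
            pair["value"] = REDACTED

def _scrub_url(url):
    """Redact sensitive query parameters embedded in request.url."""
    parts = urlsplit(url)
    query = [(k, REDACTED if SENSITIVE_PARAMS.search(k) else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query)))

def scrub_har(har):
    """Return a redacted deep copy of a HAR 1.2 document (a dict from json.load)."""
    har = copy.deepcopy(har)
    for entry in har.get("log", {}).get("entries", []):
        req, resp = entry.get("request", {}), entry.get("response", {})
        for msg in (req, resp):
            _scrub_pairs(msg.get("headers"), lambda n: n.lower() in SENSITIVE_HEADERS)
            _scrub_pairs(msg.get("cookies"), lambda n: True)  # every cookie value
        _scrub_pairs(req.get("queryString"), SENSITIVE_PARAMS.search)
        if "url" in req:
            req["url"] = _scrub_url(req["url"])
        post = req.get("postData") or {}
        _scrub_pairs(post.get("params"), SENSITIVE_PARAMS.search)
        for body in (post, resp.get("content") or {}):
            if "text" in body:
                body["text"] = REDACTED  # bodies can carry tokens and passwords
    return har

# Constructed sample input (not a real capture).
SAMPLE_HAR = {"log": {"version": "1.2", "entries": [{
    "request": {"method": "GET", "url": "https://app.example.test/api?page=2&access_token=FAKE-TOKEN",
                "headers": [{"name": "Authorization", "value": "Bearer FAKE-TOKEN"},
                            {"name": "Accept", "value": "*/*"}],
                "cookies": [{"name": "sid", "value": "FAKE-SESSION"}]},
    "response": {"status": 200, "headers": [{"name": "Set-Cookie", "value": "sid=FAKE-SESSION"}],
                 "content": {"mimeType": "application/json", "text": "{\"token\": \"FAKE-TOKEN\"}"}}}]}}
```

Name-based redaction can miss secrets stored under unexpected field names, so search the scrubbed output for known token or session values before sending it anywhere.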

pwned

Get it together old man.

4 Likes

How about, all your systems will be their…
[GIF: Anthony Bourdain, "beyotch"]

3 Likes

RIP

body seems unclear

I’m not dead yet.

1 Like

Anthony Bourdain is, the dude in your GIF.

[GIF: Anthony Bourdain, "Yes" (Ovation TV)]

1 Like