git·ime .dev
gitime.dev / HAR File Analyzer & Viewer
Runs 100% in your browser — nothing uploaded

HAR File Analyzer & Viewer

Drop a .har network capture and see a request table, totals for transfer size and time, breakdowns by status and resource type, the slowest requests, and a scan for leaked tokens and cookies. HAR files hold live credentials, so everything is parsed on your device.

HAR JSONpaste or open a file
Open or paste a HAR file to analyze. Everything runs on this device.
On this page

How to analyze a HAR file

Click Open .har file and pick the capture you exported from your browser's developer tools, or paste the HAR JSON straight into the input pane. The analyzer reads log.entries and immediately shows a summary — total requests, total transfer size and total time — followed by breakdowns by HTTP status and resource type, the slowest requests, and a full request table you can scroll. A secret scan runs first and flags any credentials found in the capture. Everything happens in your browser; nothing is uploaded.

What a HAR file actually is

A HAR (HTTP Archive) file is a JSON document that records the network activity of a web page. When you open developer tools, switch to the Network tab and save the session, the browser writes every request and response — the URL, method, status code, all request and response headers, cookies, query parameters, timing phases and frequently the response bodies — into a single .har file. That completeness is what makes HAR captures the standard way to report a bug to a vendor or debug a slow page, and also what makes them dangerous to share: a HAR from a logged-in session contains working session cookies and bearer tokens.

Because a HAR is just JSON, you can read it in a text editor in principle, but a real capture from a modern site has hundreds of entries spanning tens of thousands of lines. Pasting that into a chatbot to "see what is slow" is both impractical — it gets truncated — and reckless, because you would be handing live credentials to a third party. A structured viewer that runs locally solves both problems at once.

What the analyzer measures

The summary totals come straight from the capture. Total requests counts entries; total transfer sums the bytes each response moved over the wire (using the recorded transfer size where present, falling back to the response body size); and total time sums each entry's full duration. Two breakdowns sit underneath: by HTTP status class (2xx success, 3xx redirects, 4xx client errors, 5xx server errors) so failed requests jump out, and by resource type (document, script, stylesheet, image, font, XHR/fetch and other) so you can see what a page is actually loading. The slowest requests are ranked by duration, which is usually where page-speed problems hide.

The request table lists every entry with its method, status, type, host, path, transfer size and time. Status codes are colour-coded so a wall of green with a few red rows reads at a glance. The table is built from the same data the summary uses, so the numbers always agree.

The secret scan, and why it is here

The first thing the analyzer does is look for leaked credentials. It scans every request's headers for Authorization, Cookie, X-Api-Key and similar fields, and every query string for parameters named like token, key, secret, password, session or signature. If it finds any, it tells you how many requests are affected and which fields were seen, so you can scrub the HAR before attaching it to a ticket or sending it to a colleague. A clean capture gets a green all-clear instead. The scan is a heuristic — treat a clean result as "nothing obvious", not a guarantee — but it catches the leaks that matter most.

Why a local HAR viewer matters

A HAR file is one of the most sensitive artefacts a developer routinely produces. It captures a real session, which means real cookies, real tokens and real request bodies — exactly the things that, in the wrong hands, let someone impersonate the user. Uploading a HAR to an online analyzer ships all of that to someone else's server, where it can be logged, cached or breached. The safe way to inspect a HAR is to never let it leave your machine.

This tool is plain JavaScript that runs inside your own browser tab. The file is read with the browser's local FileReader; parsing, totalling and the secret scan all happen in memory on your device; nothing is sent anywhere and there is no account or logging. Close the tab and the capture is gone. That is the gitime.dev approach throughout: deterministic, dependency-light developer tools that keep your data where it belongs.

Frequently asked questions

Is my HAR file uploaded anywhere?
No. The HAR is read and parsed in your browser. The cookies, tokens and bodies it contains never leave your device.
What is a HAR file?
A JSON export of a browser's recorded network activity — every request, header, cookie and timing for a page session.
Why does it warn about secrets in my HAR?
HAR captures routinely contain live credentials. The scan flags Authorization, Cookie and key-like fields so you can scrub the file before sharing.
How do I export a HAR file?
In devtools, open the Network tab, reload, then choose "Save all as HAR" and drop the resulting file here.

Related tools

cURL Converter Turn one request into a fetch() snippet JWT Decoder & Verifier Inspect a bearer token from a header User-Agent Parser Break down the User-Agent header JSON Formatter & Validator Pretty-print a response body Protobuf Decoder Decode a binary protobuf payload Privacy & data handling How your data stays in your browser