Glossary

The terms reports use

Reports describe what one controlled visit observed, in the plainest language the evidence allows. These are the technical terms that still appear, each defined once here so every report can link to it.

← Back to Site Behavior Lab

Brave Shields

The ad and tracker blocker built into the Brave browser. Reports compute what Shields would block by running every observed request through Brave's own open-source ad-block engine (adblock-rust) with Brave's default filter lists. Only network requests are matched: cosmetic filtering, which hides page elements, is not simulated.

“Brave would block”

The number of a page's requests that matched those default filter lists. In a single scan this is a simulation over the recorded requests; in a Blocker comparison the page is visited a second time with blocking active, so the diff shows measured behavior from one paired visit.

Global Privacy Control (GPC)

A signal the browser sends with every request asking the site not to sell or share your data. It carries legal weight in several US states, including California. The GPC diff mode visits the page with and without the signal to show whether the site actually behaves differently.

Third party

Any domain other than the site you scanned and its subdomains. A third-party request is not automatically tracking: content delivery networks and embeds are third parties too. That is why reports separately label known services.

Known service

A third-party domain that matched a curated catalog of recognizable advertising, analytics, social, and session-replay services. The catalog is a lower bound: a third party the catalog does not name can still track.

Fingerprint-like calls

Calls to browser APIs (canvas, WebGL, audio, WebRTC) that can help distinguish your device from others. Many uses are legitimate, such as charts and media, so reports count the calls, flag matched behavior patterns, and treat them as review prompts rather than proof of tracking.

Provenance

The causal chain behind a request: which script started it, and which script injected that script. It answers why the page contacted a domain instead of only recording that it happened.

Keystroke capture test

The scan types a synthetic sentinel value into the page's form fields (never submitting) and watches outgoing traffic for that value, including base64, hex, and hashed encodings. It covers fields on the loaded page, not flows behind logins or extra steps.

Advertising pixels

Tracking pixels from platforms like Meta, TikTok, and X. Reports decode which events each pixel fired (PageView, Purchase, and so on) and whether hashed personal-identifier fields were attached. Detection is by parameter name only; the values are never read or stored.

Consent comparison

Two paired visits: one clicking "Accept all" on the cookie/consent banner and one clicking "Reject all" (recognized banner controls or an exact accept/reject label, first layer only). The diff shows what the choice actually changed, including tracking companies that still loaded after rejecting. Banners often appear only in regions that require them, so a visit where no control was found stays pre-consent and the report says so.