17 armed · 2 triggeredDownload scan Download Aceloop Free

Scanner live · zero permissions requested

17 passive proctor checks. No permissions.

Runs the browser-side signals real coding-assessment proctors use to catch AI-tool leakage — keystrokes, focus, clipboard, extension injection, automation fingerprints, click-through overlays. No camera, microphone, screen-share, or fullscreen prompt.

Armed17

Live8

Waiting7

Triggered2

Elapsed00:00

Download Aceloop Free Test your current AI tool

Live detection surface

Each card is a live vector. Some fire on page load; others wait for your input.

Browser + display

Signals from the visible tab itself: focus, geometry, dev surface, timing.

Visibility & focus

Live

Tab switches and window blur — the most common AI-overlay tell.

0 blurs / 0 tab hides

Screen geometry

Live

Multi-monitor and split-screen layouts visible from window.screen alone, no permission.

800x600 · inner 800x600

DevTools surface

Live

Window-size delta, debugger heuristics, console.log getter trap.

No DevTools surface detected

Timing / throttling

Live

Background-tab throttling, VM overhead, and overlay paint stalls are all visible from rAF cadence.

38 fps · 0 frame gaps · 0 timer drifts

Navigation guard

Live

beforeunload + popstate. Detects exit attempts during a session.

0 unload / 0 back-fwd attempts

Input behavior

Keystrokes, paste/copy, typing rhythm, code progression patterns.

Keyboard / hotkey leakage

Waiting for input

Ctrl/Cmd held then released without a key — the canonical leak of user-mode AI hotkeys.

0 flagged shortcuts · 0 orphaned Ctrl

Press any browser shortcut to test (e.g. Ctrl+T, F12).

Clipboard activity

Waiting for input

Copy/paste sizes, AI-shaped pastes, prompt watermark matches on return.

0 paste / 0 copy / 0 cut

Paste anything into the probe pad below to fire this vector.

Mouse viewport exits

Waiting for input

Pointer leaving the page tracks dock/taskbar trips and second-screen reaches.

0 exits · no exit yet

Typing biometrics

Waiting for input

Dwell/flight latencies, burst after pause, zero-correction streaks — the shape of replayed code.

0 wpm · dwell 0ms · flight 0ms

Type in the probe pad below to populate.

Code progression timeline

Waiting for input

Snapshot diffing catches paste-of-full-solution and stagnation→completion patterns.

0 snapshots · 0 instant jumps

Environment

Browser fingerprint, network, remote-access heuristics.

Browser fingerprint / VM

Triggered

Canvas/audio/font/WebGL/plugin signal stack — same vectors commercial proctors deploy.

GPU n/a · 2 cores · VM high

navigator.webdriver = true (automation)

Network environment

Live

WebRTC IP enumeration, timezone vs locale mismatch, connection-type churn.

4g · VPN low · 1 WebRTC IPs

Remote-access heuristics

Live

Input latency, keyboard echo, mouse quantization — the fingerprint of RDP/TeamViewer/Parsec.

Input 0ms · echo 0ms · likelihood low

AI / tool artifacts

Extension injection, AI output shape, prompt watermark, Fair Screen DOM enumeration.

Browser extensions / DOM injection

Clean

Extension-injected DOM nodes and content scripts — the surface a content-script proctor inspects first.

0 detected · 0 injected scripts · 0 mutation artifacts

AI output pattern

Waiting for input

Comment density, markdown leakage in paste, complete-solution-paste signatures.

0 analyses · markdown 0 · score low

Paste an LLM answer (or anything with ```fences```) into the probe pad to fire this vector.

Question watermark

Waiting for input

Invisible per-session watermark embedded in the prompt — paste-back becomes the strongest piece of evidence.

0 full / 0 partial matches

Copy the watermarked prompt from the probe pad, paste it back to fire.

Fair Screen DOM scan

Triggered

In-browser surrogate for the OS-level Fair Screen scanner (HN 46019665). Catches click-through, transparent, and high-z overlays.

0 iframes · 1 click-through · 0 ext nodes · 1 hi-z overlays

Probe pad — fire the input vectors

Paste, type, or copy the watermarked prompt back to see clipboard / typing / watermark / AI-pattern / code-progression vectors trigger live. No permissions, no submit, just signal.

Watermarked prompt (read-only)

1. Two Sum (Easy) Given an array of integers nums and an integer target, return indices of the two numbers such that they add up to target. You may assume that each input would have exactly one solution, and you may not use the same element twice. You can return the answer in any order. Example 1: Input: nums = [2,7,11,15], target = 9 Output: [0,1] Example 2: Input: nums = [3,2,4], target = 6 Output: [1,2] Example 3: Input: nums = [3,3], target = 6 Output: [0,1] Constraints: - 2 <= nums.length <= 10^4 - -10^9 <= nums[i] <= 10^9 - -10^9 <= target <= 2 * 10^9 - Only one valid answer exists.

Select all → copy → paste into the editor on the right to fire the watermark vector.

Editor311 chars

// Paste your AI tool's answer here, or start typing.
// Pasting a large block on top of this seed will fire
// the Code-progression and AI-pattern vectors above.
// Hotkeys you press are captured by the Keyboard vector
// — try Ctrl+T, Ctrl+N, or F12.

function twoSum(nums, target) {
// your solution here
}

Type, paste an LLM answer, hit Ctrl+T — watch the vector grid above.

Recent events13 total · last 12 shown

15:53:14.774visibilityPage became visible

15:53:14.765visibilityWindow regained focus

15:53:14.268networkWebRTC IPs extracted: 34.48.152.154

15:53:14.105fingerprintExtended fingerprint: canvas=c546089a, audio=f77c7b48, fonts=1, webglExt=0, plugins=5

15:53:14.098fingerprintBattery API available (level: 100%, charging: true)

15:53:14.061fairscreenFair Screen-style enumeration found 2 anomaly type(s): 1 click-through positioned element(s) (pointer-events:none); 1 high-z-index fixed overlay element(s)

15:53:14.057networkConnection: type=4g, downlink=1.6Mbps, rtt=100ms

15:53:14.048extensionsExtension scan complete — no artifacts found

15:53:14.047fingerprintBrowser fingerprint collected

15:53:13.972fingerprintLow CPU core count: 2

15:53:13.972fingerprintAutomation indicators detected: navigator.webdriver

15:53:13.972fingerprintnavigator.webdriver is true

Test your current AI tool

The point of this scanner is comparative. Run it, then run it again with your AI tool active, then watch which vectors fire.

1. Baseline
Watch the live grid above with no AI tool running. Note the vectors that stay live/clean.
2. Activate
Run your AI tool the way you would in a real round — hotkey, overlay, the works.
3. Re-scan
Reload this page or come back to the grid. New triggered vectors are the leaks your tool is producing.

Download Aceloop Free

3-problem trial · no card · Windows kernel stealth stack

Tool-class coverage

How each tool class fires against the passive browser-side vectors this scanner runs. Compared by architecture, not brand.

Passive check	User-mode overlay	Browser extension	Second device / remote	Aceloop kernel
Hotkey leakage (orphaned Ctrl/Cmd)	Triggers	Triggers	Latency noise	Clean
Window-focus / blur on overlay paint	Triggers	Triggers	Clean	Clean
Extension-injected DOM nodes	N/A	Triggers	N/A	Clean
Click-through / high-z overlay (Fair Screen)	Triggers	Triggers	N/A	Clean
Clipboard / paste shape	Optional	Common	Common	No paste path
Browser-fingerprint / automation	Clean	Clean	Triggers	Clean
Remote-access input latency	Clean	Clean	Triggers	Clean
AI-shaped pasted code	Triggers	Triggers	Triggers	No paste path

"Triggers" = produces an event this scanner would record. "Clean" = no event under normal operation. Per-row rationale lives in the Aceloop engineering blog. Method-only comparison; no third-party logo or claim is implied.

Scan utilities

Reset for a clean baseline before activating your AI tool. Download the scan as JSON to diff before/after runs, share with a teammate, or post in a writeup. Everything is local — nothing leaves your browser.

JSON includes vector statuses + full event log (timestamps, module, severity, message). File is generated locally via a Blob URL; no network request fires. Use this to diff against a second run with your AI tool active.

Methodology

The scanner is intentionally bounded. Permission-gated checks below are excluded.

Webcam gaze / presence

Requires camera permission. Not run by this scanner.

Audio monitoring

Requires microphone permission. Not run by this scanner.

Screen-share capture coverage

Requires screen-share permission. Not run by this scanner.

Fullscreen lock / exit

Requires a user gesture for fullscreen. Not run by this scanner.

FAQ

Why are camera, microphone, and screen-share checks missing?▼

They require browser permission prompts. This scanner is intentionally permission-free so anyone can load it and see results immediately. Coding-platform proctors that do request those permissions catch additional vectors, but most AI-tool leakage shows up in the passive surface this scanner runs.

Does this scanner store my keystrokes, code, or send anything to Aceloop?▼

No. The scanner is fully client-side — nothing leaves your browser. Detection runs locally; your keystrokes, code, paste contents, and event log are never sent off-machine. When you click "Download scan as JSON" the file is generated locally via a Blob URL and downloaded to your machine; no network request fires.

WebRTC IP enumeration — is that a privacy risk?▼

It runs locally in your browser to detect VPNs and tunneled environments. Your IP addresses are visible to the in-page scanner code only and are never transmitted off your machine.

How do I interpret "Waiting for input"?▼

That vector requires interaction to fire (keyboard, paste, type, mouse exit). Use the probe pad to trigger them. "Live" means the vector is actively monitoring a passive signal. "Triggered" means a detection event fired.

Built by Aceloop · Engineering posts on each vector live at /blog

Download Aceloop Free