Release Notes

Added — Returning Visitor Version Banner

• includes/version.php: single source of truth for current site version (PROBE_VERSION constant)
• Version meta tag (<meta name="probe-version">) emitted on every page via header.php
• VersionCheck module in app.js: reads version from meta tag, compares against a probe_version cookie
• First-time visitors: cookie set silently with current version, no banner shown
• Returning visitors with outdated cookie: non-intrusive banner slides in at top of page with update count ("There have been X site updates since your last visit"), "See What's New" button linking to /releases, and "Continue" dismiss button
• Cookie: probe_version, 1-year expiry, Secure + SameSite=Lax, updated on dismiss or clicking release notes
• Banner dismissed per session via sessionStorage to avoid repeated prompts
• CSS: banner styles in components.css with slide-in animation, responsive mobile layout
• Semver comparison and update counting logic (major + minor version jumps)

Added — Public Release Notes

• releases.php: public release notes page at /releases that parses docs/CHANGELOG.md and renders versioned releases with styled timeline UI, version badges, date formatting, section headings, and bulleted change lists
• CSS: release notes styles in layout.css (timeline, version badges, section titles, code highlighting, responsive layout)
• Footer: added "Releases" link between About and Privacy
• sitemap.xml: added /releases URL

Added — Smart Search "Paste & Magic"

• New assets/js/smart-search.js: context-aware input detection engine that identifies 14+ input types (IPv4, IPv6, CIDR, domain, URL, email, MAC address, JWT, cron expression, hex color, epoch timestamp, ASN, Base64, JSON, regex, MD5/SHA hash) using pure client-side regex — zero server calls, zero logs
• Smart dropdown appears below hero search with: type detection badge, best-match tool highlighted with Enter shortcut, 2-5 runner-up suggestions, keyboard navigation (arrow keys + Enter + Escape)
• Inline result previews for simple lookups: MAC vendor identification, hex color → RGB/HSL conversion with swatch, epoch → human date, Base64 → decoded preview, hash type identification
• Tools open with input pre-filled via URL parameters (e.g., /network/ip-lookup?ip=8.8.8.8)
• Paste detection fires immediately (no debounce on paste, 150ms debounce on typing)
• Falls back to existing fuzzy tool-name search when no type is detected
• CSS: smart dropdown styles in components.css (.smart-search-dropdown, suggestions, inline results, color swatch, badges, animations, mobile responsive)
• Homepage hero search placeholder updated to "Paste anything — IP, domain, MAC, JWT, JSON..."
• Loaded only on homepage via $homepage_extra_js flag in footer.php

Added — Phase 3: All 12 Tier 3 Tools

• Reverse IP Lookup (server-side): find domains sharing an IP via HackerTarget API
• BGP/ASN Lookup (server-side): autonomous system info via HackerTarget API
• Robots.txt Tester (server-side): fetch and parse robots.txt rules
• Sitemap Validator (server-side): validate XML sitemaps, check URL counts and lastmod
• User Agent Parser (client-side): parse UA strings, auto-detect current browser
• CSP Analyzer (server-side): parse and score Content-Security-Policy headers
• JSON/YAML/XML Converter (client-side): convert between data formats with live output
• Color Converter (client-side): HEX/RGB/HSL conversion with live color preview
• Lorem Ipsum Generator (client-side): placeholder text by paragraphs/sentences/words
• Markdown Preview (client-side): live Markdown-to-HTML rendering
• Diff Checker (client-side): line-by-line text comparison with highlighted diffs
• QR Code Generator (client-side): generate QR codes from text/URLs with download

Changed

• tool-config.php: added all 12 Tier 3 entries (42 total live tools)
• sitemap.xml: added 12 Tier 3 tool URLs (46+ total)
• CLAUDE.md: updated to Phase 3 Complete, 42 tools live

Added — Static Pages

• about.php: About page with sections on what Probe Toolkit is, who built it, philosophy, tech stack, and tool categories
• privacy.php: Privacy policy covering client-side processing, server-side data handling, rate limiting, localStorage, Cloudflare, future advertising, HTTPS enforcement
• terms.php: Terms of service covering permitted use, no warranty, user responsibility, intellectual property, limitation of liability, governing law
• support.php: Support page with FAQ (7 questions), contact emails, bug reporting guidance, feature request info
• layout.css: added .static-page, .static-page-section, and related typography styles for static content pages

Fixed

• Footer links (About, Privacy, Terms, Support) no longer 404

Changed — SEO Enhancements

• seo-head.php: added BreadcrumbList JSON-LD structured data for all tool pages (Home > Category > Tool), using $breadcrumb_category variable set by tool-layout.php
• tool-layout.php: added $breadcrumb_category variable (from $category['name']) before header include, passed to seo-head.php for BreadcrumbList JSON-LD
• sitemap.xml: added <lastmod>2026-03-24</lastmod> to all 30 existing URL entries
• sitemap.xml: added 4 static page URLs (about, privacy, terms, support) with appropriate priorities
• index.php: updated homepage meta description to mention 30+ tools, all categories, SSL checker, JWT decoder, and "no tracking"

Added — Phase 2 Batch 1 (4 new tools)

• Bandwidth Calculator tool (client-side): PHP page (network/bandwidth-calculator.php) + JS (assets/js/tools/bandwidth-calculator.js) — converts between bandwidth units (bps, Kbps, Mbps, Gbps, Tbps), shows bits-per-second and bytes-per-second conversions side by side, calculates data transferred over common time periods (1s/1m/1h/1d), optional file size input for transfer time estimation with human-readable duration formatting, Copy All and Export CSV, SEO content block
• MTU Calculator tool (client-side): PHP page (network/mtu-calculator.php) + JS (assets/js/tools/mtu-calculator.js) — calculates maximum payload size given MTU and selected protocol layers (IPv4, IPv6, TCP, UDP, ICMP, GRE, IPsec ESP, VXLAN, MPLS), shows overhead breakdown table, efficiency percentage, TCP MSS value, quick-preset pills for common MTUs (Ethernet 1500, Jumbo 9000, PPPoE 1492, IPv6 Min 1280, IPv4 Min 576), common MTU reference table, Copy All and Export CSV, SEO content block
• CIDR Calculator tool (client-side): PHP page (network/cidr-calculator.php) + JS (assets/js/tools/cidr-calculator.js) — expands CIDR blocks into full IP ranges with network/broadcast/mask/wildcard details, usable host count, optional subnet splitting into smaller prefixes with tabular output (capped at 256 displayed rows), re-calculates on split selection change, Copy All and Export CSV (exports split table when splitting), SEO content block
• JWT Decoder tool (client-side): PHP page (security/jwt-decoder.php) + JS (assets/js/tools/jwt-decoder.js) — decodes JWT header and payload from Base64URL, displays all claims with registered claim labels, formats timestamp claims (exp/iat/nbf) as human-readable dates, expiry status banner (valid/expiring-soon/expired/no-expiry) with color coding, raw JSON display in code-output-blocks, signature display, Copy All and Export CSV, SEO content block

Added — Phase 2 Batch 2 (3 new tools)

• Reverse DNS Lookup tool (server-side): PHP page (dns/reverse-dns.php) + API (api/reverse-dns.php) + JS (assets/js/tools/reverse-dns.js) — resolves IP addresses to hostnames via gethostbyaddr() PTR lookup, performs forward-confirmed rDNS (FCrDNS) by resolving hostname back to IPs and checking for a match, status banner indicating PTR found/not found and FCrDNS verified/failed, displays forward resolution IPs, URL parameter support (?ip=), Copy All and Export CSV, SEO content block
• Nameserver Lookup tool (server-side): PHP page (dns/ns-lookup.php) + API (api/ns-lookup.php) + JS (assets/js/tools/ns-lookup.js) — queries NS records for any domain via dns_get_record(DNS_NS), resolves each nameserver to IPv4 and IPv6, sorted alphabetically, data table with per-row copy, URL parameter support (?domain=), Copy All and Export CSV, SEO content block
• HTTP Header Inspector tool (server-side): PHP page (web/http-headers.php) + API (api/http-headers.php) + JS (assets/js/tools/http-headers.js) — fetches HTTP response headers via cURL HEAD/GET, SSRF protection, status code banner, request summary, security headers scorecard (7 headers), full header table with per-row copy, URL parameter support (?url=), Copy All and Export CSV, SEO content block

Added — Phase 2 Batch 3 (3 new tools)

• Email Header Analyzer tool (client-side): PHP page (email/header-analyzer.php) + JS (assets/js/tools/header-analyzer.js) — parses raw email headers, extracts Received hops in chronological order with timestamps and hop-by-hop delay calculation, identifies slow hops (>30s), extracts SPF/DKIM/DMARC authentication results with color-coded badges, displays key metadata (From, To, Subject, Date, Message-ID, Return-Path, X-Mailer, spam headers), summary with total headers/hops/delivery time, Copy All and Export CSV, SEO content block
• Cron Expression Builder tool (client-side): PHP page (dev/cron-builder.php) + JS (assets/js/tools/cron-builder.js) — parses standard 5-field cron expressions, generates human-readable schedule descriptions, calculates next 10 run times, expression field breakdown table, quick-preset pills (every minute, hourly, weekdays 9AM, daily midnight, weekly, monthly, yearly), auto-analyzes on preset click, Copy All, SEO content block
• MAC Address Lookup tool (client-side): PHP page (dev/mac-lookup.php) + JS (assets/js/tools/mac-lookup.js) — embedded OUI database (~200 top vendors: Cisco, Apple, Samsung, Intel, HP, Dell, etc.), normalizes MAC input from any format (colon/dash/plain/Cisco), identifies locally administered (random) and multicast addresses, displays vendor, OUI prefix, address type, administration type, and all 4 format variants (colon, dash, plain hex, Cisco), Copy All, SEO content block

Added — Phase 2 Batch 4 (5 new tools)

• SPF/DKIM/DMARC Checker tool (server-side): PHP page (email/spf-dkim-dmarc.php) + API (api/spf-dkim-dmarc.php) + JS (assets/js/tools/spf-dkim-dmarc.js) — queries SPF, DKIM (tries default/google/selector1 selectors), and DMARC TXT records, validates syntax, parses DMARC policy/rua/ruf/pct, warns on common misconfigurations (+all, missing mechanisms), color-coded status per record, URL param support, Copy All and Export CSV
• Redirect Tracer tool (server-side): PHP page (web/redirect-tracer.php) + API (api/redirect-tracer.php) + JS (assets/js/tools/redirect-tracer.js) — follows HTTP redirect chain via cURL (manual FOLLOWLOCATION=false, max 10 hops), SSRF protection, records each hop with status code/URL/response time/server header, status code badge coloring, URL param support, Copy All and Export CSV
• Meta Tag Analyzer tool (server-side): PHP page (web/meta-tags.php) + API (api/meta-tags.php) + JS (assets/js/tools/meta-tags.js) — fetches URL via cURL, parses HTML with DOMDocument, extracts title/meta/OG/Twitter Card tags, canonical URL, favicon, h1/h2 counts, title/description length analysis, grouped display sections, URL param support, Copy All and Export CSV
• DNS Propagation Checker tool (server-side): PHP page (dns/propagation.php) + API (api/dns-propagation.php) + JS (assets/js/tools/dns-propagation.js) — checks DNS resolution via DNS-over-HTTPS from Google DNS and Cloudflare plus local PHP resolution, record type pill selection (A/AAAA/MX/NS/TXT/CNAME), consistency check, color-coded propagation status banner, URL param support, Copy All and Export CSV
• Email Blacklist Checker tool (server-side): PHP page (email/blacklist-check.php) + API (api/blacklist-check.php) + JS (assets/js/tools/blacklist-check.js) — checks IPv4 address against 14 major DNSBLs (Spamhaus, SpamCop, Barracuda, SORBS, UCEProtect, etc.) via reversed-IP DNSBL query pattern, clean/listed summary with counts, per-blacklist status table, URL param support, Copy All and Export CSV

Changed

• tool-config.php: added all 15 Tier 2 tool entries; updated subnet-calculator and ssl-checker related tools
• sitemap.xml: added all 15 new tool URLs
• CLAUDE.md: updated to Phase 2 — Expansion In Progress, 30 tools live

Changed

• JSON Formatter: JS rewritten to use .code-output-block with .code-output-header for Format and Minify modes; .json-output class preserved on body for syntax highlighting; Minify mode shows size comparison in .code-output-meta; Validate mode uses .status-banner.status-success / .status-banner.status-error; per-block .copy-icon via event delegation; removed inline styles from render functions
• Epoch Converter: JS rewritten to render results as .info-grid with .info-grid-item, .info-label, .info-value, and .copy-icon per row; live timestamp copy button updated to use .copy-icon pattern with data-copy attribute; Copy All wired to all result rows
• HTTP Status Codes: JS rewritten to use .result-section + .result-section-title for category group headings instead of inline-styled <h2> elements; kept .status-code-grid, .status-code-item, .status-category-section classes; no functional changes
• Regex Tester: JS rewritten to use .code-output-block for highlighted test string (header shows match count in .code-output-meta); .result-section + .result-section-title for Match Details section; .status-banner.status-error for invalid regex errors; Copy All wired to lastMatches array; debounced real-time updates (200ms); Export CSV preserved

Changed

• DNS Lookup: PHP input updated to use .pill-group with role="radiogroup" and role="radio" on pills (was option-pills); removed SRV from pill options; JS rewritten to render results as .table-wrapper > .data-table with Type (.dns-record-type badge), Name, Value, TTL, and Copy columns; per-row .copy-icon buttons via event delegation; Copy All outputs tab-separated text; Export CSV wired
• WHOIS Lookup: JS rewritten to render parsed fields in .result-section > .info-grid with per-field .copy-icon buttons; Nameservers and Status as .full-width items; Status codes rendered as .dns-record-type badges; raw WHOIS uses .code-output-block with collapsible body and copy button in header; Copy All wired to parsed summary
• SSL Certificate Checker: JS rewritten to use .status-banner (.status-success/.status-warning/.status-error) with expiry subtitle and color coding; Certificate Details in .result-section > .info-grid with per-field .copy-icon buttons; SANs as .full-width item; Certificate Chain retains .ssl-chain visualization; Copy All and Export CSV wired

Added

• CSS: .dns-record-type standalone badge class in tools.css for use in data tables
• CSS: .data-table .copy-icon styling (opacity on hover, green highlight, copied state) in tools.css

Changed

• What Is My IP: Rewritten results to use .info-grid with .primary.full-width for IP address (green, large) and .result-section for Network Information; per-field .copy-icon buttons with event delegation; Copy All wired
• Subnet Calculator: Rewritten results into three .result-section groups (Network Addresses, Host Range, Classification) using .info-grid with per-field .copy-icon buttons; Binary Subnet Mask set to .full-width; PHP input updated to use input-row pattern with select-field class for CIDR dropdown and Probe button inline with IP input
• IP Geolocation: Rewritten results to use .info-grid with .primary.full-width for IP address, country flag emoji, per-field .copy-icon buttons with event delegation; removed old .ip-display pattern; Copy All and Export CSV wired
• MX Record Checker: Rewritten results to use .table-wrapper > .data-table with Priority (td-label), Mail Server, IP Address, and Copy columns; per-row .copy-icon buttons with event delegation; Copy All and Export CSV wired

Changed

• Password Generator: Rewritten results rendering to use .info-grid for Entropy, Pool Size, and Strength Level with copy-icon buttons; button label changed from "Probe" to "Generate"; Copy All wired to copy the generated password
• Base64 Encode/Decode: Input restructured with labeled .tool-controls sections and monospace textarea; results now use .code-output-block with header (label + byte sizes + copy) and green mono body; Copy All wired to output
• URL Encode/Decode: Results rewritten to use .code-output-block with method badge in header, char counts, and copy button; Copy All wired to output
• Hash Generator: Results rewritten as stacked .code-output-block elements (one per algorithm) with bit-length and char-count metadata in header; Copy All wired to copy all hashes as "ALGO: hash" formatted text

Added

• sitemap.xml with all 15 tool URLs
• robots.txt with crawl directives

Fixed

• WHOIS API: replaced shell_exec (unavailable on shared hosting) with direct socket WHOIS queries supporting referral following and 20+ TLD servers
• IP Geolocation API: switched from ip-api.com (HTTP blocked) to ipapi.co (HTTPS)
• My IP API: same ipapi.co fix for geolocation data

Changed

• CLAUDE.md status updated to Phase 1 Complete, 15 tools live

Added

• HTTP Status Codes Reference tool: PHP page (dev/http-status-codes.php) + JS (assets/js/tools/http-status-codes.js) — static reference page displaying all standard HTTP status codes (1xx–5xx) as a searchable, filterable card grid grouped by category, instant search by code number or keyword, category filter pills (All/1xx/2xx/3xx/4xx/5xx), color-coded cards by category range, results visible immediately on page load (no Probe button needed), screen reader announcements for filter changes, SEO content block
• Regex Tester tool: PHP page (dev/regex-tester.php) + JS (assets/js/tools/regex-tester.js) — client-side regex testing with real-time match highlighting using JavaScript native RegExp, configurable flags (global/case-insensitive/multiline/dotAll), match count display, highlighted test string with green match spans, expandable match details with full match text/position/capture groups, capture group color coding, debounced 200ms real-time updates on input, infinite-match protection (cap at 1000), invalid regex error display, CSV export of matches, copy all results, SEO content block
• CSS styles for status code category section spacing and regex tester match detail accordion in tools.css

Added

• SSL Certificate Checker tool (server-side): PHP page (web/ssl-checker.php), API endpoint (api/ssl-check.php), JS (assets/js/tools/ssl-checker.js) — connects to domains over SSL/TLS via stream_socket_client(), extracts certificate details using openssl_x509_parse(), displays status badge (Valid/Invalid/Expired) with color-coded icon, days-until-expiry with green/amber/red thresholds, info grid with Common Name, Issuer, Valid From/To, Serial, Signature Algorithm, Protocol version, Domain Match, SANs list, certificate chain visualization with connected dot/line layout, Copy All and Export CSV, URL parameter support (?domain=), input validation, rate limiting, SEO content block
• SSL checker CSS styles in tools.css: status badge (valid/invalid/expired states), days-remaining color coding, certificate chain connector layout, responsive breakpoints
• Updated tool-config.php: ssl-checker api_endpoint corrected to /api/ssl-check.php

Added

• DNS Lookup tool (server-side): PHP page (dns/lookup.php), API endpoint (api/dns-lookup.php), JS (assets/js/tools/dns-lookup.js) — queries A, AAAA, MX, NS, TXT, CNAME, SOA, SRV, and ALL record types via PHP dns_get_record(), record type quick-select pills with ALL as default, results rendered as data table with Type/Name/Value/TTL columns, per-row copy buttons, Copy All and Export CSV, URL parameter support (?domain=&type=), input validation, rate limiting, SEO content block
• WHOIS Lookup tool (server-side): PHP page (dns/whois.php), API endpoint (api/whois.php), JS (assets/js/tools/whois.js) — queries WHOIS data via shell_exec, parses raw output into structured fields (domain, registrar, created/updated/expires dates, nameservers, status codes, registrant, DNSSEC), displays parsed info in grid with formatted dates, raw WHOIS output in collapsible pre block with copy button, exports raw WHOIS as .txt file, URL parameter support, shell_exec availability check, input validation, rate limiting, SEO content block
• CSS styles for WHOIS raw output toggle/collapsible section, DNS results summary header, and WHOIS results notice in tools.css

Added

• IP Geolocation Lookup tool: PHP page (network/ip-lookup.php) + API (api/ip-lookup.php) + JS (assets/js/tools/ip-lookup.js) — server-side IP geolocation via ip-api.com, accepts IPv4/IPv6 addresses and domain names (auto-resolved via gethostbyname), validates input and rejects private/reserved IPs, returns country with flag emoji, region, city, ZIP, coordinates, timezone, ISP, organization, ASN; info grid display with per-field copy, "Use my IP" button that fetches from /api/my-ip.php, URL param support (?ip=), CSV export, SEO content block
• MX Record Checker tool: PHP page (email/mx-lookup.php) + API (api/mx-lookup.php) + JS (assets/js/tools/mx-lookup.js) — server-side MX record lookup using dns_get_record(DNS_MX), sorts by priority (lowest first), resolves each MX host to an IP via gethostbyname, strips @ prefix from email input, displays results as sortable data table with per-row copy, record count summary, handles domains with no MX records gracefully with informational note about implicit MX, CSV export, URL param support (?domain=), SEO content block

Added

• URL Encode/Decode tool: PHP page (security/url-encode.php) + JS (assets/js/tools/url-encode.js) — client-side percent-encoding and decoding with toggle pills for encode/decode mode, full URL vs component encoding (encodeURI vs encodeURIComponent), real-time processing on input, character count before/after with difference indicator, error handling for malformed encoded strings, copy button, SEO content block
• Hash Generator tool: PHP page (security/hash-generator.php) + JS (assets/js/tools/hash-gen.js) — client-side hashing using Web Crypto API (SHA-1, SHA-256, SHA-512) plus self-contained MD5 implementation (RFC 1321), algorithm selection pills (MD5, SHA-1, SHA-256, SHA-512, All), per-hash copy buttons, bit-length and character count display, SEO content block
• CSS styles for URL encode results (output wrap, stats, error state), hash generator enhanced layout (row headers, value wrapping), shared tool-controls spacing, and inline copy button in tools.css
• Updated tool-config.php: hash-generator js_file changed to hash-gen.js

Added

• JSON Formatter & Validator tool: PHP page (dev/json-formatter.php) + JS (assets/js/tools/json-formatter.js) — client-side JSON formatting, minifying, and validation with syntax highlighting (keys, strings, numbers, booleans, null, brackets), size comparison for minify mode, error line/position detection for validate mode, toggle pills for mode and indentation (2 spaces, 4 spaces, tab), copy output button, SEO content block
• Epoch/Unix Timestamp Converter tool: PHP page (dev/epoch-converter.php) + JS (assets/js/tools/epoch-converter.js) — bidirectional conversion between Unix timestamps and human-readable dates, live-updating current Unix time display, auto-detection of seconds vs milliseconds input, outputs UTC/local date, ISO 8601, relative time, day of week, week of year, timezone selection (UTC/Local), per-value copy buttons, SEO content block
• Epoch converter responsive grid CSS in tools.css

Added

• Password Generator tool: PHP page (security/password-generator.php) + JS (assets/js/tools/password-generator.js) — client-side cryptographic password generation using crypto.getRandomValues(), configurable length (8-128) via slider, toggleable character sets (uppercase, lowercase, numbers, symbols), real-time strength meter with entropy calculation, auto-generates on page load and option change, copy button, SEO content block
• Base64 Encode/Decode tool: PHP page (security/base64.php) + JS (assets/js/tools/base64.js) — client-side Base64 encoding/decoding with full UTF-8 support via TextEncoder/TextDecoder, toggle pills for mode selection, input/output byte size display, Base64 input validation, copy button, SEO content block
• CSS styles for password generator input options (slider, checkboxes, entropy display) and Base64 output in tools.css

Added

• What Is My IP tool: PHP page (network/my-ip.php) + JS (assets/js/tools/my-ip.js) — auto-detects public IP and geolocation on page load via /api/my-ip.php, displays IP in monospace with copy button, shows location info grid (city, region, country, ISP, org), refresh button, SEO content block
• Subnet Calculator tool: PHP page (network/subnet-calculator.php) + JS (assets/js/tools/subnet-calculator.js) — client-side IPv4 subnet calculator with real-time updates, computes network/broadcast addresses, subnet/wildcard masks, host ranges, CIDR notation, IP class/type, binary mask; supports /1 through /32 prefixes

Added

• Project scaffolding: directory structure, all foundation files
• CLAUDE.md — AI assistant context file
• docs/PROJECT-PLAN.md — Complete project specification
• CSS design system: variables.css, base.css, components.css, layout.css, tools.css
• Shared PHP includes: tool-config.php (15 Tier 1 tools registered), header.php, footer.php, seo-head.php, tool-layout.php, functions.php, ad-slots.php
• JavaScript foundation: app.js (theme, search, nav, recently-used, utilities), clipboard.js
• Homepage (index.php) with hero search, IP widget, tool grid by category, recently-used section
• .htaccess: HTTPS redirect, clean URLs, security headers, compression, caching, .md blocking
• DESIGN.md — Visual design system reference
• docs/.htaccess — Block public access to docs directory