Sama Faiz

copyJSON() is literally just clipboard write on the stringified currentData obj. slapped a “COPIED!” flash on the btn w/ 1500ms timeout reset ngl it’s peak lazy but it works. almost shipped without the null guard on currentData — would’ve been so embarrassing, clicking export before a scan and nothing happens 💀
exportHTML() goes kinda hard tho — outerHTML → blob → fake anchor click → download. names the file recon-{domain}-{timestamp}.html so u never overwrite ur old reports. the unhinged part is the exported file is still fully interactive bc the whole block comes with it. idk if that’s a W or an L honestly
dns (cloudflare DoH) and geoip (ipapi.co) pull real data. everything else — ssl, headers, ports, threat score, tech stack — is getDemoData() faking it. intentional for MVP, ui had to be solid before committing to actual apis
I think im ready to ship

stuff i cooked
startScan() — the main guy
whole scan engine. disables btn, logs progress w live timestamps, awaits each module one by one, renders results at the end. if any API dies it falls back to demo data so UI never crashes. async/await diff fr
tab mode system
5 modes — full / dns / ssl / headers / geoip. one global scanMode var, whole render reads from it. that’s it. simple wins
terminal logger
every step logs w [HH:MM:SS] timestamp. cyan = info, green = ok, red = error. lines fade in one by one like an actual terminal running the vibes on this one are immaculate
real DNS via cloudflare DoH
fired 4 parallel reqs w Promise.all() — A, MX, NS, TXT all at once. hits cloudflare-dns.com/dns-query. faster than sequential calls by like 1.5s ngl
real geoip
grabs the A record IP → hits ipapi.co → gets country, city, ASN, coords, timezone. actual live data no cap
real whois via RDAP
rdap.org returns structured JSON instead of raw whois text. parsed registrar, dates, org, status. so much cleaner than traditional whois
demo data fallback
for stuff u literally cant fetch client side (SSL, ports, threat score etc) — generates realistic fake data seeded from the domain string so each target looks diff. sneaky move tbh
card system
buildCards() + makeCard() dynamically builds the results grid based on scan mode. WHOIS, DNS, SSL, GeoIP, Headers, Tech Stack, Threat Intel, Subdomains — each has its own template. cards stagger in w css animation delays
threat score UI
circle badge goes green/yellow/red. animated bars for malware, phishing, spam. looks clean as

went full dark terminal core bc what else would a hacker tool look like lol. picked Space Mono for that hacky monospace drip and Syne for the big headings. color palette is deep navy + cyan accent (#00e5ff) w red-pink for danger states and green for clean/safe
threw in a CSS grid overlay + animated radial glow in the bg so it doesnt look dead. subtle but it hits
stuff i actually wrote

CSS variables for the whole color system — future me will thank present me
header w logo + pulsing green dot
search box w TARGET:// prefix bc aesthetic
scan mode tabs — full scan / dns / ssl / headers / geoip
terminal log panel — hidden by default, fades in line by line during scan like a real terminal
card system — reusable cards w OK / WARN / ERR / INFO badges
kv rows, dns lists, tech pills, threat score circle, port grid — all the data display components

I’m working on my first project! This is so exciting. I can’t wait to share more updates as I build. Im very determined and motivated.