diff --git a/README.md b/README.md
index 7ca2c1e..f31c003 100644
--- a/README.md
+++ b/README.md
@@ -15,4 +15,5 @@ This tool can generate these profiles from provided data and also provides some
 
 - Eli Grey for [FileSaver.js](https://github.com/eligrey/FileSaver.js)
 - uuidjs for the [UUID JavaScript module](https://github.com/uuidjs/uuid)
-- Paul Miller for [his excellent article](https://paulmillr.com/posts/encrypted-dns/) and the [premade profiles](https://github.com/paulmillr/encrypted-dns)
\ No newline at end of file
+- Paul Miller for [his excellent article](https://paulmillr.com/posts/encrypted-dns/) and the [premade profiles](https://github.com/paulmillr/encrypted-dns)
+- W3schools for [w3.css](https://www.w3schools.com/w3css/)
\ No newline at end of file
diff --git a/index.html b/index.html
index 04db63f..8e73d47 100644
--- a/index.html
+++ b/index.html
@@ -6,72 +6,36 @@
     <title>DNS Profile Creator</title>
     <link rel="stylesheet" href="css/w3.css">
     <link rel="stylesheet" href="css/form.css">
-    <script src="js/FileSaver.min.js"></script>
-    <script src="js/uuidv4.min.js"></script>
-    <script src="js/tool.min.js"></script>
 </head>
 <body class="w3-container">
     <h1>Secure DNS profile creator</h1>
     <h2>For iOS 14 or later and macOS Big Sur or later</h2>
     
-    <select name="premades" id="premades" onchange="loadPremade()">
-        <option value="custom">&lt;custom&gt;</option>
-        <optgroup label="AdGuard">
-            <option value="adguard-https">AdGuard DoH</option>
-        </optgroup>
-        <optgroup label="Alibaba">
-            <option value="alibaba-https">Alibaba DoH</option>
-        </optgroup>
-        <optgroup label="Cloudflare">
-            <option value="cloudflare-https">Cloudflare DoH</option>
-            <option value="cloudflare-tls">Cloudflare DoT</option>
-            <option value="cloudflare-security-https">Cloudflare Malware blocking DoH</option>
-            <option value="cloudflare-security-tls">Cloudflare Malware blocking DoT</option>
-            <option value="cloudflare-family-https">Cloudflare Malware &amp; Adult blocking DoH</option>
-            <option value="cloudflare-family-tls">Cloudflare Malware &amp; Adult blocking DoT</option>
-        </optgroup>
-        <optgroup label="DNSPOD">
-            <option value="dnspod-https">DNSPOD DoH</option>
-        </optgroup>
-        <optgroup label="Google">
-            <option value="google-https">Google DoH</option>
-            <option value="google-tls">Google DoT</option>
-        </optgroup>
-        <optgroup label="OpenDNS">
-            <option value="opendns-https">OpenDNS DoH</option>
-        </optgroup>
-        <optgroup label="Quad9">
-            <option value="quad9-https">Quad9 DoH</option>
-            <option value="quad9-tls">Quad9 DoT</option>
-        </optgroup>
-    </select>
+    <div class="w3-bar w3-border w3-light-grey">
+        <a href="/index.html" class="w3-bar-item w3-button w3-green">About</a>
+        <a href="/tool.html" class="w3-bar-item w3-button">Tool</a>
+    </div>
     
-    <form action="javascript:saveDynamicDataToFile()">
-        <p>
-            <label for="provName">Name of DNS provider:</label>
-            <input type="text" id="provName" placeholder="MyCoolSecureProvider" required>
-        </p>
-        <p>
-            <input type="radio" id="doh" name="encryption" value="HTTPS" onclick="switchToHTTPS()" checked="checked" required>
-            <label for="doh">DNS-over-HTTPS (DoH)</label><br>
-            <input type="radio" id="dot" name="encryption" value="TLS" onclick="switchToTLS()" required>
-            <label for="dot">DNS-over-TLS (DoT)</label>
-        </p>
-        <p>
-            <label for="dns1v4" class="optional">IPv4 primary DNS:</label>
-            <input type="text" id="dns1v4" placeholder="0.0.0.0">
-            <label for="dns2v4" class="optional">IPv4 secondary DNS:</label>
-            <input type="text" id="dns2v4" placeholder="0.0.0.1">
-            <label for="dns1v6" class="optional">IPv6 primary DNS:</label>
-            <input type="text" id="dns1v6" placeholder="0000:0000:0000:0000:0000:0000:0000:0000 - other formats also accepted">
-            <label for="dns2v6" class="optional">IPv6 secondary DNS:</label>
-            <input type="text" id="dns2v6" placeholder="0000:0000:0000:0000:0000:0000:0000:0001 - other formats also accepted">
-        </p>
-        <p>
-            <label for="serverUrl" id="dohdotServerLabel">DoH server URL:</label>
-            <input type="text" id="serverUrl" placeholder="https://example.com/query" required>
-        </p>
-        <input type="submit" class="button1" value="Download profile">
-    </form>
+    <br>
+    
+    <h3>What is this?</h3>
+    <p>This website allows you to create configuration profiles for your Apple device to use the new built-in encrypted DNS options.</p>
+    <h3>Details</h3>
+    <p>Apple has included built-in support for DNS-over-HTTPS and DNS-over-TLS in their iOS 14 and macOS Big Sur updates. But there is no possibility to use this new feature without a third-party app or configuration profiles. I personally preferred not to install some app to manage this for me. <br>
+    This websites generates a configuration profile which is installable on your system and activates encrypted DNS.</p>
+    <h4>Why not use an app?</h4>
+    <p>I prefer to use tools which I can make sure do exactly what they claim to do. Configuration profiles are rather transparent, they can be opened with any text editor and viewed. This website is completely open-source. <br>
+    An app off the App Store might do what it should, sure. But it also might capture data inbetween and negate the privacy advantage that DoH and DoT bring.</p>
+    <h3>Why should I care about encrypted DNS?</h3>
+    <p>DNS is basically the phone book of the internet. If you visit a website, your computer first contacts the DNS server to look up where its even supposed to connect to.<br>
+    While the traffic itself is often encrypted nowadays, the lookup itself still is not without DoH/DoT. So anyone in the same network will still know exactly which websites you visited.<br>
+    If you want to know more about this, give <a href="https://paulmillr.com/posts/encrypted-dns/">this blog post by Paul Miller</a> a read, he explains the subject very nicely.</p>
+    <h3>DNS-over-HTTPS or DNS-over-TLS?</h3>
+    <p>There isn't a huge difference between the two protocols.<br>
+    DoH is harder to spot in regular network traffic and is also less likely to be blocked in a corporate environment, since it uses the same port as any secured website.<br>
+    DoT is possibly faster, since it uses one layer of transport less. But it uses it's own port and is therefore obvious to any other people monitoring the network - and might be blocked behind very strict firewalls.</p>
+    <p>In the end, it's more personal preference than anything else. If your system supports both - as Apple systems do - you can choose whatever you want.</p>
+    <h3>Which provider should I choose?</h3>
+    <p>This comes down to a few factors. First, location. Living in countries which block certain websites narrows your choice down considerably. Furthermore, different providers have different priorities. I suggest you do some research into the providers yourself. For example, you could take a look at <a href="https://www.privacytools.io/providers/dns/">this table</a> which lists a few providers and compares them.</p>
 </body>
 </html>
\ No newline at end of file
diff --git a/js/tool.js b/js/tool.js
index b00f048..f68d9f5 100644
--- a/js/tool.js
+++ b/js/tool.js
@@ -143,6 +143,24 @@ function loadPremade() {
             dns2v6.value = "2400:3200:baba::1";
             serverUrl.value = "https://dns.alidns.com/dns-query";
             break;
+        case "applied-privacy-https":
+            provName.value = "Applied Privacy";
+            checkDoH.checked = true;
+            dns1v4.value = "146.255.56.98";
+            dns2v4.value = "";
+            dns1v6.value = "2a02:1b8:10:234::2";
+            dns2v6.value = "";
+            serverUrl.value = "https://doh.applied-privacy.net/query";
+            break;
+        case "applied-privacy-tls":
+            provName.value = "Applied Privacy";
+            checkDoT.checked = true;
+            dns1v4.value = "146.255.56.98";
+            dns2v4.value = "";
+            dns1v6.value = "2a02:1b8:10:234::2";
+            dns2v6.value = "";
+            serverUrl.value = "dot1.applied-privacy.net";
+            break;
         case "cloudflare-https":
             provName.value = "Cloudflare";
             checkDoH.checked = true;
diff --git a/js/tool.min.js b/js/tool.min.js
deleted file mode 100644
index ee41262..0000000
--- a/js/tool.min.js
+++ /dev/null
@@ -1 +0,0 @@
-function getRegDNS(){var dns1v4=document.getElementById("dns1v4").value;var dns2v4=document.getElementById("dns2v4").value;var dns1v6=document.getElementById("dns1v6").value;var dns2v6=document.getElementById("dns2v6").value;var ip4format=/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/;var ip6format=/^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$/;var returnstring="<key>ServerAddresses</key>\n<array>\n";var dnsOverride=false;if(ip6format.test(dns1v6)){console.log("61valid!");dnsOverride=true;returnstring+="<string>"+dns1v6+"</string>\n"}if(ip6format.test(dns2v6)){console.log("62valid!");dnsOverride=true;returnstring+="<string>"+dns2v6+"</string>\n"}if(ip4format.test(dns1v4)){console.log("41valid!");dnsOverride=true;returnstring+="<string>"+dns1v4+"</string>\n"}if(ip4format.test(dns2v4)){console.log("42valid!");dnsOverride=true;returnstring+="<string>"+dns2v4+"</string>\n"}if(dnsOverride){returnstring+="</array>\n";return returnstring}else{return ""}}function saveDynamicDataToFile(){var encryption=document.getElementsByName('encryption');var encValue=null;var provName=document.getElementById("provName").value;for(var i=0,length=encryption.length;i<length;i+=1){if(encryption[i].checked){encValue=encryption[i].value;break}}var fileString="<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";fileString+="<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n";fileString+="<plist version=\"1.0\">\n";fileString+="<dict>\n";fileString+="<key>PayloadContent</key>\n";fileString+="<array>\n";fileString+="<dict>\n";fileString+="<key>DNSSettings</key>\n";fileString+="<dict>\n";fileString+="<key>DNSProtocol</key>\n";fileString+="<string>"+encValue+"</string>\n";fileString+=getRegDNS();fileString+="<key>ServerURL</key>\n";fileString+="<string>"+document.getElementById("serverUrl").value+"</string>\n";fileString+="</dict>\n";fileString+="<key>PayloadDescription</key>\n";fileString+="<string>Configures device to use "+provName+" Encrypted DNS over "+encValue+"</string>\n";fileString+="<key>PayloadDisplayName</key>\n";fileString+="<string>"+provName+" DNS over "+encValue+"</string>\n";fileString+="<key>PayloadIdentifier</key>\n";fileString+="<string>com.apple.dnsSettings.managed."+uuidv4()+"\n";fileString+="<key>PayloadType</key>\n";fileString+="<string>com.apple.dnsSettings.managed</string>\n";fileString+="<key>PayloadUUID</key>\n";fileString+="<string>"+uuidv4()+"</string>\n";fileString+="<key>PayloadVersion</key>\n";fileString+="<integer>1</integer>\n";fileString+="<key>ProhibitDisablement</key>\n";fileString+="<false/>\n";fileString+="</dict>\n";fileString+="</array>\n";fileString+="<key>PayloadDescription</key>\n";fileString+="<string>Adds "+provName+" Encrypted DNS over "+encValue+" to Big Sur and iOS 14 based systems</string>\n";fileString+="<key>PayloadDisplayName</key>\n<string>"+provName+" DNS over "+encValue+"</string>\n";fileString+="<string>"+provName+" DNS over "+encValue+"</string>\n";fileString+="<key>PayloadIdentifier</key>\n";fileString+="<string>com.notjakob.apple-dns</string>\n";fileString+="<key>PayloadRemovalDisallowed</key>\n";fileString+="<false/>\n";fileString+="<key>PayloadType</key>\n";fileString+="<string>Configuration</string>\n";fileString+="<key>PayloadUUID</key>\n";fileString+="<string>"+uuidv4()+"</string>\n";fileString+="<key>PayloadVersion</key>\n";fileString+="<integer>1</integer>\n";fileString+="</dict>\n";fileString+="</plist>";var blob=new Blob([fileString],{type:"text/plain;charset=utf-8"});saveAs(blob,"dns.mobileconfig")}function switchToHTTPS(){document.getElementById("serverUrl").placeholder="https://example.com/query"+document.getElementById("serverUrl").value;document.getElementById("dohdotServerLabel").innerHTML="DoH server URL:"}function switchToTLS(){document.getElementById("serverUrl").placeholder="dot.example.com";document.getElementById("dohdotServerLabel").innerHTML="DoT server URL:"}function loadPremade(){var provName=document.getElementById("provName");var checkDoH=document.getElementById("doh");var checkDoT=document.getElementById("dot");var dns1v4=document.getElementById("dns1v4");var dns2v4=document.getElementById("dns2v4");var dns1v6=document.getElementById("dns1v6");var dns2v6=document.getElementById("dns2v6");var serverUrl=document.getElementById("serverUrl");switch(document.getElementById("premades").value){case "adguard-https":provName.value="AdGuard";checkDoH.checked=true;dns1v4.value="94.140.14.14";dns2v4.value="94.140.15.15";dns1v6.value="2a10:50c0::ad1:ff";dns2v6.value="2a10:50c0::ad2:ff";serverUrl.value="https://dns.adguard.com/dns-query";break;case "alibaba-https":provName.value="Alibaba";checkDoH.checked=true;dns1v4.value="223.5.5.5";dns2v4.value="223.6.6.6";dns1v6.value="2400:3200::1";dns2v6.value="2400:3200:baba::1";serverUrl.value="https://dns.alidns.com/dns-query";break;case "cloudflare-https":provName.value="Cloudflare";checkDoH.checked=true;dns1v4.value="1.1.1.1";dns2v4.value="1.0.0.1";dns1v6.value="2606:4700:4700::1111";dns2v6.value="2606:4700:4700::1001";serverUrl.value="https://cloudflare-dns.com/dns-query";break;case "cloudflare-tls":provName.value="Cloudflare";checkDoT.checked=true;dns1v4.value="1.1.1.1";dns2v4.value="1.0.0.1";dns1v6.value="2606:4700:4700::1111";dns2v6.value="2606:4700:4700::1001";serverUrl.value="cloudflare-dns.com";break;case "cloudflare-security-https":provName.value="Cloudflare Security";checkDoH.checked=true;dns1v4.value="1.1.1.2";dns2v4.value="1.0.0.2";dns1v6.value="2606:4700:4700::1112";dns2v6.value="2606:4700:4700::1002";serverUrl.value="https://security.cloudflare-dns.com/dns-query";break;case "cloudflare-security-tls":provName.value="Cloudflare Security";checkDoT.checked=true;dns1v4.value="1.1.1.2";dns2v4.value="1.0.0.2";dns1v6.value="2606:4700:4700::1112";dns2v6.value="2606:4700:4700::1002";serverUrl.value="security.cloudflare-dns.com";break;case "cloudflare-family-https":provName.value="Cloudflare Family";checkDoH.checked=true;dns1v4.value="1.1.1.3";dns2v4.value="1.0.0.3";dns1v6.value="2606:4700:4700::1113";dns2v6.value="2606:4700:4700::1003";serverUrl.value="https://family.cloudflare-dns.com/dns-query";break;case "cloudflare-family-tls":provName.value="Cloudflare Family";checkDoT.checked=true;dns1v4.value="1.1.1.3";dns2v4.value="1.0.0.3";dns1v6.value="2606:4700:4700::1113";dns2v6.value="2606:4700:4700::1003";serverUrl.value="family.cloudflare-dns.com";break;case "dnspod-https":provName.value="DNSPOD";checkDoH.checked=true;dns1v4.value="162.14.21.56";dns2v4.value="162.14.21.178";dns1v6.value="";dns2v6.value="";serverUrl.value="https://doh.pub/dns-query";break;case "google-https":provName.value="Google";checkDoH.checked=true;dns1v4.value="8.8.8.8";dns2v4.value="8.8.4.4";dns1v6.value="2001:4860:4860::8888";dns2v6.value="2001:4860:4860::8844";serverUrl.value="https://dns.google/dns-query";break;case "google-tls":provName.value="Google";checkDoT.checked=true;dns1v4.value="8.8.8.8";dns2v4.value="8.8.4.4";dns1v6.value="2001:4860:4860::8888";dns2v6.value="2001:4860:4860::8844";serverUrl.value="dns.google";break;case "opendns-https":provName.value="OpenDNS";checkDoH.checked=true;dns1v4.value="208.67.220.220";dns2v4.value="208.67.222.222";dns1v6.value="2620:119:35::35";dns2v6.value="2620:119:53::53";serverUrl.value="https://doh.opendns.com/dns-query";break;case "quad9-https":provName.value="";checkDoH.checked=true;dns1v4.value="9.9.9.9";dns2v4.value="149.112.112.112";dns1v6.value="2620:fe::fe";dns2v6.value="2620:fe::9";serverUrl.value="https://dns.quad9.net/dns-query";break;case "quad9-tls":provName.value="";checkDoT.checked=true;dns1v4.value="9.9.9.9";dns2v4.value="149.112.112.112";dns1v6.value="2620:fe::fe";dns2v6.value="2620:fe::9";serverUrl.value="dns.quad9.net";break;default:provName.value="";checkDoH.checked=true;dns1v4.value="";dns2v4.value="";dns1v6.value="";dns2v6.value="";serverUrl.value=""}}
\ No newline at end of file
diff --git a/tool.html b/tool.html
new file mode 100644
index 0000000..f716194
--- /dev/null
+++ b/tool.html
@@ -0,0 +1,89 @@
+<!doctype html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>DNS Profile Creator</title>
+    <link rel="stylesheet" href="css/w3.css">
+    <link rel="stylesheet" href="css/form.css">
+    <script src="js/FileSaver.min.js"></script>
+    <script src="js/uuidv4.min.js"></script>
+    <script src="js/tool.js"></script>
+</head>
+<body class="w3-container">
+    <h1>Secure DNS profile creator</h1>
+    <h2>For iOS 14 or later and macOS Big Sur or later</h2>
+    
+    <div class="w3-bar w3-border w3-light-grey">
+        <a href="/" class="w3-bar-item w3-button">About</a>
+        <a href="/tool.html" class="w3-bar-item w3-button w3-green">Tool</a>
+    </div>
+    
+    <br>
+    
+    <h4>Choose a pre-configured provider, or enter your own settings:</h4>
+    <select name="premades" id="premades" onchange="loadPremade()">
+        <option value="custom">&lt;custom&gt;</option>
+        <optgroup label="AdGuard">
+            <option value="adguard-https">AdGuard DoH</option>
+        </optgroup>
+        <optgroup label="Alibaba">
+            <option value="alibaba-https">Alibaba DoH</option>
+        </optgroup>
+        <optgroup label="Applied Privacy">
+            <option value="applied-privacy-https">Applied Privacy DoH</option>
+            <option value="applied-privacy-tls">Applied Privacy DoT</option>
+        </optgroup>
+        <optgroup label="Cloudflare">
+            <option value="cloudflare-https">Cloudflare DoH</option>
+            <option value="cloudflare-tls">Cloudflare DoT</option>
+            <option value="cloudflare-security-https">Cloudflare Malware blocking DoH</option>
+            <option value="cloudflare-security-tls">Cloudflare Malware blocking DoT</option>
+            <option value="cloudflare-family-https">Cloudflare Malware &amp; Adult blocking DoH</option>
+            <option value="cloudflare-family-tls">Cloudflare Malware &amp; Adult blocking DoT</option>
+        </optgroup>
+        <optgroup label="DNSPOD">
+            <option value="dnspod-https">DNSPOD DoH</option>
+        </optgroup>
+        <optgroup label="Google">
+            <option value="google-https">Google DoH</option>
+            <option value="google-tls">Google DoT</option>
+        </optgroup>
+        <optgroup label="OpenDNS">
+            <option value="opendns-https">OpenDNS DoH</option>
+        </optgroup>
+        <optgroup label="Quad9">
+            <option value="quad9-https">Quad9 DoH</option>
+            <option value="quad9-tls">Quad9 DoT</option>
+        </optgroup>
+    </select>
+    
+    <form action="javascript:saveDynamicDataToFile()">
+        <p>
+            <label for="provName">Name of DNS provider:</label>
+            <input type="text" id="provName" placeholder="MyCoolSecureProvider" required>
+        </p>
+        <p>
+            <input type="radio" id="doh" name="encryption" value="HTTPS" onclick="switchToHTTPS()" checked="checked" required>
+            <label for="doh">DNS-over-HTTPS (DoH)</label><br>
+            <input type="radio" id="dot" name="encryption" value="TLS" onclick="switchToTLS()" required>
+            <label for="dot">DNS-over-TLS (DoT)</label>
+        </p>
+        <p>
+            <label for="dns1v4" class="optional">IPv4 primary DNS:</label>
+            <input type="text" id="dns1v4" placeholder="0.0.0.0">
+            <label for="dns2v4" class="optional">IPv4 secondary DNS:</label>
+            <input type="text" id="dns2v4" placeholder="0.0.0.1">
+            <label for="dns1v6" class="optional">IPv6 primary DNS:</label>
+            <input type="text" id="dns1v6" placeholder="0000:0000:0000:0000:0000:0000:0000:0000 - other formats also accepted">
+            <label for="dns2v6" class="optional">IPv6 secondary DNS:</label>
+            <input type="text" id="dns2v6" placeholder="0000:0000:0000:0000:0000:0000:0000:0001 - other formats also accepted">
+        </p>
+        <p>
+            <label for="serverUrl" id="dohdotServerLabel">DoH server URL:</label>
+            <input type="text" id="serverUrl" placeholder="https://example.com/query" required>
+        </p>
+        <input type="submit" class="button1" value="Download profile">
+    </form>
+</body>
+</html>
\ No newline at end of file