Features
Everything Xpiry watches for you
One tool for SSL certificates, uptime and status pages, TLS configuration, security headers, DNS posture, registration expiry, application exceptions, and the alerts that tie it all together.
SSL & TLS monitoring
Full handshake inspection on every check.
Certificate chain validation, expiry tracking, TLS version and cipher inspection, OCSP stapling, ALPN, fingerprints, and self-signed detection.
Learn more
Uptime monitoring
Cross-region HTTP checks, down to every minute.
HTTP checks from multiple regions against every domain you monitor: status code, response time, and downtime alerts that re-fire until acknowledged or recovered.
Learn more
On-call & incident response
Schedules, escalation, phone & SMS. Cancel the PagerDuty bill.
Failing checks open a deduped incident and page whoever is on call, following your rotation and escalation policy. No ack within the timeout escalates to the next person. Acknowledge by one-click link, SMS reply, or a keypress on a phone call. Reliable across redeploys because deadlines live in the database, not a job queue.
Learn more
Agency & client tools
Branded client portals, monthly PDF reports, unlimited seats.
Built for the agencies and freelancers who monitor on behalf of others. Group domains under named clients, hand each client a branded read-only portal link, and have a per-client monthly PDF report emailed automatically with browsable history. Google SSO, read-only API keys, and unlimited team seats on every plan.
Learn more
Public status pages
Live uptime on your own domain.
Live status, 90-day uptime history, per-region results, posted incidents and scheduled maintenance on a page you can share. Visitors subscribe (double opt-in) to be notified on every update. Brand it with your logo, pick a theme, add custom CSS, and serve it from your own subdomain like status.example.com.
Learn more
Heartbeat & metric monitors
Catch the cron job that silently stopped.
Your systems report in by hitting a tokenized URL (or by email, for locked-down environments). Schedule by interval or cron expression with a grace period; a missed window flips the monitor to down. Track run duration to catch jobs that run too long, push metrics against thresholds, and let jobs self-register on first ping.
Learn more
Custom metrics & dashboards
SoonPush labeled metrics, query them, build your own dashboards.
Send Xpiry any number you care about, p95 latency, queue depth, daily signups, tagged with labels like region or endpoint. Query across monitors by tag and time window with averages, sums, counts, and percentiles, then lay the results out as saved dashboards built from line, bar, gauge, and stat panels.
Learn more
Exception tracking
Point any Sentry SDK at Xpiry.
Each domain gets a Sentry-compatible DSN. Drop it into the SDK you already use and exceptions arrive grouped into issues with stacktraces. New errors and regressions alert on your channels, with a daily event budget on every plan.
Learn more
Synthetic browser checks
Verify a real login or checkout, not just a 200 OK.
Describe a flow as steps: go to the login page, fill the form, click submit, assert the dashboard loaded. Xpiry runs it on a schedule in a real headless browser and tells you the moment a critical path breaks, with the failing step and a screenshot. The check that catches a broken checkout before your customers do.
Learn more
Broken-link crawler & health endpoint
Find dead links, mixed content, and unhealthy internals.
Xpiry crawls your pages, follows internal links within a budget, and flags broken links, broken images, and mixed content with the source URL of each. Separately, point Xpiry at a JSON health endpoint and it polls your app's own checks, opening an incident the moment something internal goes unhealthy.
Learn more
DNS record monitoring
Catch a hijack the moment your nameservers move.
Snapshots A, AAAA, CNAME, MX, TXT and nameserver records on every check and diffs them against the last. Record changes are classified and severity-ranked, with nameserver changes treated as critical because they can signal a domain hijack.
Learn more
Redirect monitoring
Make sure http:// still lands on https://.
Walks the full redirect chain from your bare http:// URL, recording every hop. We alert you when the chain loops, ends in an HTTP error, or stops upgrading to HTTPS — the silent breakages that cost you traffic and SEO.
Learn more
TCP, DNSBL & content checks
Watch ports, blocklists, and what's actually on the page.
Open a socket to assert a port is reachable, ping over TCP (the portable check that works where raw ICMP is blocked), and check your domain against DNS blocklists to protect deliverability. Content assertions let an uptime check fail when the page is missing required text, contains an error string, or responds too slowly, not just on a bad status code.
Learn more
Security scanning & grade
Headers, CAA, DNSSEC, CT logs: graded A+ to F.
HSTS, CSP, X-Frame-Options, CAA, DNSSEC, Certificate Transparency, OCSP stapling — combined into a single security grade with explanations.
Learn more
Certificate change detection
Know the moment a cert changes, and why.
Every check diffs the new cert against the previous one. Rekeys, issuer swaps, SAN drift, weakened crypto, and chain regressions are classified, severity-ranked, and surfaced as alerts with a full audit trail.
Learn more
Domain registration expiry
RDAP-first, WHOIS fallback.
Tracks registrar, registration date, and expiry for every domain you monitor. Subdomains automatically share registration data with their parent so you never duplicate WHOIS lookups.
Learn more
Multi-channel alerts
Email, Slack, Discord, webhooks.
Four notification channels, configurable per-domain thresholds, smart deduplication, and severity-aware delivery so you only get paged for things that actually matter.
Learn more
REST API
Everything you can do in the dashboard, programmatically.
List domains, add and verify them, fetch SSL details, security scans, alerts, manage incidents, on-call schedules, escalation policies and clients. API key auth with read-only and read-write scopes. Available on every plan.
Learn more
MCP server & CLI
Query your monitoring from Claude, Cursor, or the terminal.
Connect Claude, Cursor or any MCP client and ask about your monitoring in natural language: what's down, which certs expire soon, acknowledge an incident. The same data is one command away in the terminal via the xpiry CLI, and there's a Claude Code skill to drive it.
Learn more
Terraform provider
SoonManage monitoring as code.
The official terraform-provider-xpiry lets you declare domains and alert rules in HCL, with data sources for accounts and individual domains. Perfect for agencies onboarding clients in bulk.
Learn more
Start monitoring in minutes
Free for one domain. No credit card required.
Get started freeSee the full feature list or pricing.