Features

Everything Xpiry watches for you

One tool for SSL certificates, uptime and status pages, TLS configuration, security headers, DNS posture, registration expiry, application exceptions, and the alerts that tie it all together.

SSL & TLS monitoring

Full handshake inspection on every check.

Certificate chain validation, expiry tracking, TLS version and cipher inspection, OCSP stapling, ALPN, fingerprints, and self-signed detection.

Learn more

Uptime monitoring

Cross-region HTTP checks, down to every minute.

HTTP checks from multiple regions against every domain you monitor: status code, response time, and downtime alerts that re-fire until acknowledged or recovered.

Learn more

On-call & incident response

Schedules, escalation, phone & SMS. Cancel the PagerDuty bill.

Failing checks open a deduped incident and page whoever is on call, following your rotation and escalation policy. No ack within the timeout escalates to the next person. Acknowledge by one-click link, SMS reply, or a keypress on a phone call. Reliable across redeploys because deadlines live in the database, not a job queue.

Learn more

Agency & client tools

Branded client portals, monthly PDF reports, unlimited seats.

Built for the agencies and freelancers who monitor on behalf of others. Group domains under named clients, hand each client a branded read-only portal link, and have a per-client monthly PDF report emailed automatically with browsable history. Google SSO, read-only API keys, and unlimited team seats on every plan.

Learn more

Public status pages

Live uptime on your own domain.

Live status, 90-day uptime history, per-region results, posted incidents and scheduled maintenance on a page you can share. Visitors subscribe (double opt-in) to be notified on every update. Brand it with your logo, pick a theme, add custom CSS, and serve it from your own subdomain like status.example.com.

Learn more

Heartbeat & metric monitors

Catch the cron job that silently stopped.

Your systems report in by hitting a tokenized URL (or by email, for locked-down environments). Schedule by interval or cron expression with a grace period; a missed window flips the monitor to down. Track run duration to catch jobs that run too long, push metrics against thresholds, and let jobs self-register on first ping.

Learn more

Custom metrics & dashboards

Soon

Push labeled metrics, query them, build your own dashboards.

Send Xpiry any number you care about, p95 latency, queue depth, daily signups, tagged with labels like region or endpoint. Query across monitors by tag and time window with averages, sums, counts, and percentiles, then lay the results out as saved dashboards built from line, bar, gauge, and stat panels.

Learn more

Exception tracking

Point any Sentry SDK at Xpiry.

Each domain gets a Sentry-compatible DSN. Drop it into the SDK you already use and exceptions arrive grouped into issues with stacktraces. New errors and regressions alert on your channels, with a daily event budget on every plan.

Learn more

Synthetic browser checks

Verify a real login or checkout, not just a 200 OK.

Describe a flow as steps: go to the login page, fill the form, click submit, assert the dashboard loaded. Xpiry runs it on a schedule in a real headless browser and tells you the moment a critical path breaks, with the failing step and a screenshot. The check that catches a broken checkout before your customers do.

Learn more

Broken-link crawler & health endpoint

Find dead links, mixed content, and unhealthy internals.

Xpiry crawls your pages, follows internal links within a budget, and flags broken links, broken images, and mixed content with the source URL of each. Separately, point Xpiry at a JSON health endpoint and it polls your app's own checks, opening an incident the moment something internal goes unhealthy.

Learn more

DNS record monitoring

Catch a hijack the moment your nameservers move.

Snapshots A, AAAA, CNAME, MX, TXT and nameserver records on every check and diffs them against the last. Record changes are classified and severity-ranked, with nameserver changes treated as critical because they can signal a domain hijack.

Learn more

Redirect monitoring

Make sure http:// still lands on https://.

Walks the full redirect chain from your bare http:// URL, recording every hop. We alert you when the chain loops, ends in an HTTP error, or stops upgrading to HTTPS — the silent breakages that cost you traffic and SEO.

Learn more

TCP, DNSBL & content checks

Watch ports, blocklists, and what's actually on the page.

Open a socket to assert a port is reachable, ping over TCP (the portable check that works where raw ICMP is blocked), and check your domain against DNS blocklists to protect deliverability. Content assertions let an uptime check fail when the page is missing required text, contains an error string, or responds too slowly, not just on a bad status code.

Learn more

Security scanning & grade

Headers, CAA, DNSSEC, CT logs: graded A+ to F.

HSTS, CSP, X-Frame-Options, CAA, DNSSEC, Certificate Transparency, OCSP stapling — combined into a single security grade with explanations.

Learn more

Certificate change detection

Know the moment a cert changes, and why.

Every check diffs the new cert against the previous one. Rekeys, issuer swaps, SAN drift, weakened crypto, and chain regressions are classified, severity-ranked, and surfaced as alerts with a full audit trail.

Learn more

Domain registration expiry

RDAP-first, WHOIS fallback.

Tracks registrar, registration date, and expiry for every domain you monitor. Subdomains automatically share registration data with their parent so you never duplicate WHOIS lookups.

Learn more

Multi-channel alerts

Email, Slack, Discord, webhooks.

Four notification channels, configurable per-domain thresholds, smart deduplication, and severity-aware delivery so you only get paged for things that actually matter.

Learn more

REST API

Everything you can do in the dashboard, programmatically.

List domains, add and verify them, fetch SSL details, security scans, alerts, manage incidents, on-call schedules, escalation policies and clients. API key auth with read-only and read-write scopes. Available on every plan.

Learn more

MCP server & CLI

Query your monitoring from Claude, Cursor, or the terminal.

Connect Claude, Cursor or any MCP client and ask about your monitoring in natural language: what's down, which certs expire soon, acknowledge an incident. The same data is one command away in the terminal via the xpiry CLI, and there's a Claude Code skill to drive it.

Learn more

Terraform provider

Soon

Manage monitoring as code.

The official terraform-provider-xpiry lets you declare domains and alert rules in HCL, with data sources for accounts and individual domains. Perfect for agencies onboarding clients in bulk.

Learn more

Start monitoring in minutes

Free for one domain. No credit card required.

Get started free

See the full feature list or pricing.