# SSLTrackr > SSLTrackr is an SSL certificate and domain name monitoring platform. It performs daily checks on SSL certificates and WHOIS records, assigns security grades (SSL Labs style), and sends proactive alerts via email, SMS, Slack, push notifications, and webhooks before certificates or domains expire. Free up to 10 domains. ## Product overview SSLTrackr helps teams avoid downtime and lost customer trust by monitoring digital assets proactively. It checks certificate chain validity, TLS version, HSTS, Subject Alternative Names, and expiration dates. It also monitors domain WHOIS records to prevent forgotten renewals or hijacking. A security grade (A+ to F) is computed daily based on protocol, algorithm, and vulnerability analysis. Alerts fire at configurable thresholds: 60, 30, 14, 7, 3, 1 days before expiry and on expiration. Deduplication ensures the same alert does not fire twice per threshold until the certificate is renewed (detected via serial number change). Every alert also generates an in-app notification. Setup requires no agent installation — just enter a domain name and monitoring starts automatically. ## Notification channels - Email: HTML emails via Brevo SMTP with severity, hostname, expiration date, and days remaining. - SMS: 160-character messages via Brevo. Restricted to 3-day, 1-day, and expired thresholds. - Slack: Rich messages via Incoming Webhooks with color-coded severity sidebar (blue=info, orange=warning, red=critical). - Webhook: Signed JSON POST to any HTTPS endpoint. HMAC-SHA256 signature in X-SSLTrackr-Signature header. - Push: Native browser and mobile notifications per device. Works when the app is not open. ## Pricing - Free: 10 certificates, Email + Slack + Push channels, no API access. - Pro 50: 50 certificates, all channels including SMS and Webhook, REST API access. EUR 27/month or EUR 240/year. - Pro 100: 100 certificates, all channels, REST API access. EUR 54/month or EUR 480/year. - Unlimited: unlimited certificates, all channels, REST API access. EUR 132/month or EUR 1,188/year. No hidden fees. No commitment. Monthly plans can be cancelled anytime. ## REST API Base URL: https://ssltrackr.com/api/v1 Authentication via Bearer token with ssa_ prefix. Available on Pro 50 plan and above. Endpoints: - GET /domains: list monitored domains (paginated, filterable, sortable). - POST /domains: add a domain (auto-triggers SSL and WHOIS checks). - GET /domains/{id}: get domain details. - PUT /domains/{id}: update domain properties. - DELETE /domains/{id}: remove a domain. - GET /domains/{id}/ssl: get latest SSL certificate check. - GET /domains/{id}/whois: get latest WHOIS lookup. - POST /check: trigger immediate SSL and WHOIS check (10 req/min). - GET /alerts: list alert history with optional domain filtering. - POST /api-keys: generate a new API key (5 req/min). ## Documentation - [Notification channels documentation](https://ssltrackr.com/docs): Configure Email, SMS, Slack, Webhook, and Push notification channels, alert thresholds, and webhook signature verification. - [API documentation](https://ssltrackr.com/developer-api): Full REST API reference with endpoint descriptions, parameter tables, request and response examples. - [OpenAPI 3.0 specification](https://ssltrackr.com/openapi.json): Downloadable OpenAPI 3.0.3 spec covering all API endpoints with schemas and examples. ## Pages - [Homepage](https://ssltrackr.com): Product overview, features, FAQ, and dashboard preview. - [Pricing](https://ssltrackr.com/pricing): Plan comparison and billing FAQ. - [Documentation](https://ssltrackr.com/docs): Notification channel setup guides and alert threshold reference. - [API Documentation](https://ssltrackr.com/developer-api): REST API reference with code examples. ## Optional - Supported languages: English, French, Spanish, German, Portuguese, Italian, Dutch, Japanese, Chinese, Korean, Arabic, Russian. - Alert types: ssl_expiry, ssl_expired, domain_unreachable, ssl_grade_drop. - Severity levels: info (>30 days), warning (8-30 days), critical (<=7 days, expired, or unreachable). - Webhook payload fields: alert_type, hostname, severity, title, message, threshold_days, triggered_at. - Domain object fields: id, hostname, port, is_active, notes, tags, ssl_grade, ssl_days_remaining, whois_days_remaining. - SSL check fields: subject, issuer, valid_from, valid_to, days_remaining, serial_number, tls_version, chain_valid, hsts, sans, grade. - WHOIS check fields: registrar, created_date, expiry_date, days_remaining, dnssec, nameservers.