e can tell in a few minutes whether your domain search is going direct to OpenSRS or being proxied via WHMCS. Here’s a fast, surgical way to check from your Replit app.

What to look for (3 angles)

Frontend → Server (Network tab)

In your live site, open DevTools → Network.

Trigger a domain search. You should see a request like:

GET /api/domain/search?name=...

That confirms the browser only talks to your server (not directly to OpenSRS/WHMCS). The real question is what the server calls next.

Server code grep (which upstream are we hitting?)
In the repo, search for any hints of WHMCS vs OpenSRS:

grep -Rni "whmcs" server
grep -Rni "opensrs" server
grep -Rni "tucows" server
grep -Rni "rr-n1" server
grep -Rni "api.php" server   # WHMCS Admin API path
grep -Rni "Action=" server   # WHMCS-style query
grep -Rni "OPENSRS_" .
grep -Rni "WHMCS_API" .


If you see WHMCS_API_URL, api.php, or modules/servers/opensrs, you’re probably wrapped through WHMCS. If you only see OpenSRS credentials (OPENSRS_USER, OPENSRS_KEY, OPENSRS_MODE), it’s likely direct.

Instrument the server (definitive proof)
Add very small logs in your domain provider code to print which upstream URL/host is hit.

One-shot micro-diff to prove it (and show it in Diagnostics)
A) Add provider/mode logging

File: server/domains/index.ts (or wherever you route domain lookups)

// Somewhere central where you choose the provider / build the upstream URL
const PROVIDER = process.env.DOMAIN_PROVIDER || (process.env.WHMCS_API_URL ? "whmcs" : "opensrs");

function logUpstream(label: string, url: string) {
  try {
    const u = new URL(url);
    console.log(`[domain] ${label} upstream → host=${u.host} path=${u.pathname}`);
  } catch {
    console.log(`[domain] ${label} upstream → ${url}`);
  }
}

B) Instrument the actual outgoing request

File: server/domains/providers/opensrs.ts (and/or providers/whmcs.ts)

export async function checkAvailability(name: string) {
-  const url = buildOpenSrsUrl(name); // whatever you have
+  const url = buildOpenSrsUrl(name);
+  logUpstream("OpenSRS", url);
  // ... existing fetch
}


If you have a WHMCS provider:

export async function checkAvailabilityViaWhmcs(name: string) {
-  const url = buildWhmcsApiUrl("DomainWhois", { domain: name });
+  const url = buildWhmcsApiUrl("DomainWhois", { domain: name });
+  logUpstream("WHMCS", url);
  // ... existing fetch
}

C) Surface the truth in diagnostics

File: server/index.ts (/api/health)

+const domainProvider = process.env.DOMAIN_PROVIDER || (process.env.WHMCS_API_URL ? "whmcs" : "opensrs");
+const whmcsUrl = process.env.WHMCS_API_URL || null;
+const opensrsMode = process.env.OPENSRS_MODE || null;

app.get("/api/health", async (req, res) => {
  // ...
  res.json({
    ok: true,
    // existing fields ...
+   domainProvider,
+   whmcsUrlHost: whmcsUrl ? new URL(whmcsUrl).host : null,
+   opensrsMode,
  });
});


File: client/src/pages/dev/DiagnosticsPage.tsx (Server Health list)

<li><b>OpenSRS:</b> {health.opensrsConfigured ? `configured (${health.opensrsMode || "?"})` : "missing"}</li>
+<li><b>Domain provider:</b> {health.domainProvider}{health.whmcsUrlHost ? ` → ${health.whmcsUrlHost}` : ""}</li>


Now, when you hit /__qa/diag, you’ll see something like:

Domain provider: opensrs
or

Domain provider: whmcs → billing.yourhost.com

And in server logs on each search:

[domain] OpenSRS upstream → host=rr-n1-tor.opensrs.net path=/... (direct), or

[domain] WHMCS upstream → host=billing.yourhost.com path=/admin/api.php (wrapped through WHMCS).

What to do with the result

If it’s OpenSRS direct:

Make sure OpenSRS API IP allowlist contains your Replit server’s public IP (we can show in /__qa/diag as we discussed).

Ensure OPENSRS_MODE matches your creds (ote for test).

If it’s WHMCS:

The IP that must be whitelisted at OpenSRS is your WHMCS server’s public IP, not Replit’s.

Confirm the WHMCS OpenSRS module is configured (API keys, test/live mode).

Check the WHMCS Admin API creds/env (WHMCS_API_URL, WHMCS_IDENTIFIER, WHMCS_SECRET) exist and the action used (DomainWhois, etc.) returns data.

Also make sure your Replit server is allowed to call WHMCS API (CORS not relevant server-to-server, but firewalls/rate limits are).

Bonus quick check (no code)

If you can access server logs after one search attempt, you’ll immediately see the “upstream → host=…” line and know which path you’re on.