How to read this graph
The domain you searched sits at the centre. Every other node is a domain connected to it by a link this tool can verify. The colour of each link tells you why the two are connected — and that "why" is the whole point, because different links carry different strength of evidence.
A certificate link means the two domains appeared on the same TLS certificate, according to public Certificate Transparency logs. This is a deliberate act — someone chose to put both names on one cert — so it's a strong ownership signal. A tracking-ID link means both domains were seen using the same analytics, ad, or affiliate ID; because those IDs tie to one account, it's a strong signal too. A Web3 link means the domain's keyword matches a registered blockchain name — a weaker, keyword-level connection.
What this graph deliberately does not show
Honesty about scope is what makes a graph like this usable rather than misleading. So two deliberate omissions:
It does not draw "shares an IP address" links. On shared hosting and behind CDNs like Cloudflare, a single IP fronts thousands of unrelated domains — so an IP link is usually noise, not a real connection, and drawing it would clutter the map with false relationships. It also does not label any domain as malicious, phishing, or compromised. This tool reports structural links from public and observed data; it makes no threat judgement, because that would require a reputation feed this tool doesn't have and shouldn't guess at.
Most importantly: the absence of a link is not proof of no connection. The tracking-ID links come from a corpus that grows as domains are looked up here — so it reflects what this tool has seen, not the entire internet. A missing edge may simply mean the data hasn't been observed yet. Treat what the graph shows as leads to verify, and never treat what it doesn't show as a clean bill.