WebVetted
+ New
Site icon

Domain Due Diligence

Report for Family-locator.com

Report Date
October 9, 2025
Recommendation
Caution
Overall Summary
Suspicious
  Why we think so? 

Family-locator.com is a long-running family-tracking site (domain created in 2015) with substantial traffic (~624k visits/month). It uses reputable infrastructure (Cloudflare, Amazon CloudFront, Stripe for payments) and has valid SSL, so the site is technically legitimate. However, there are two strong trust concerns: a documented 2019 data leak that exposed roughly 280,000 users’ location data, and recurring user complaints about unwanted subscription charges and refunds. No Google Safe Browsing or crypto-blacklist flags were found. Verdict: ⚠️ Suspicious — likely real but handle payments and personal data with caution.

Confidence Score
65%

Risk Insights

🛡️

Major privacy incident on record

  • 2019 database exposure reported by security researchers.
  • Leak reportedly included ~280,000 users' live locations.
  • This increases risk for users and for targeted social engineering.
⚠️

Operationally real but customer-service issues exist

  • Uses Stripe, Google Workspace, Zendesk — typical for legitimate services.
  • Multiple complaints about billing and refunds in app stores/support forums.
  • If you must pay, monitor charges and keep evidence of cancellation requests.

Contradictory Signals

Technical legitimacy and usage scale conflict with serious historical privacy failures and customer-service problems.

Signal A: High traffic, mature domain, reputable infrastructure

Signal B: Documented data leak and repeated billing complaints

Category Scores

Red Flags & Warnings

  • Documented 2019 database leak exposed tens/hundreds of thousands of users' real-time location data, including children — major privacy incident.
  • Multiple user complaints about unexpected subscription charges and denied or difficult refunds on app stores and support forums.
  • Some related subdomains and older site instances were flagged as ‘older / unavailable’ by automated reputation checks, suggesting maintenance/consistency issues.

🔎 Detailed Checks & Analysis

Domain age & registrar

Score: 70/100
Passed

"An older registration (2015) reduces the chance this is a throwaway scam domain, but age alone doesn't guarantee safe practices."

Reason: Domain created in 2015 and registered via GoDaddy suggests long-term presence and continuity.

Technical hygiene (SSL, DNS, hosting)

Score: 75/100
Passed

"SSL is valid (wildcard for *.family-locator.com); DNS shows Cloudflare nameservers and standard MX/TXT records for Google Workspace and Zendesk."

Reason: Valid SSL certificate and use of Cloudflare / Amazon infrastructure indicates competent technical operations.

Third‑party integrations & payments

Score: 70/100
Passed

"Presence of Stripe and Google Analytics suggests conventional payment and telemetry flows; still verify payment receipts and refund paths before purchase."

Reason: Stripe present for payments and standard analytics/tools are in use, which supports normal business processes.

Traffic & popularity

Score: 65/100
Passed

"Large user base can be reassuring, but high traffic also increases impact of any security or billing problems."

Reason: High monthly traffic (~623k) and search-driven visitor share imply a widely-used service.

Reputation & user complaints

Score: 45/100
Failed

"App-store reviews and forum posts describe billing disputes; automated reputation checks list mainly negative user feedback even where scans mark the site technically safe."

Reason: Multiple user reports of unwanted charges and refund difficulties lower trust in customer practices.

Privacy & security history

Score: 30/100
Failed

"The data-exposure event is a high-severity incident for a geolocation product; check whether the vendor published a post-mortem or implemented fixes."

Reason: A 2019 incident exposed real-time location records for ~280,000 users — a significant security breach for a location-tracking service.

Your Next Steps

  • 1

    Avoid entering payment details until you confirm refund and trial policies; if you must subscribe, use a card you can monitor and cancel quickly.

  • 2

    Search App Store / Play Store purchase history and developer responses for the exact app tied to this domain before paying.

  • 3

    If you used the service in the past, check for signs of the 2019 leak (unexpected location-related messages) and rotate any account credentials.

  • 4

    Report unwanted charges to your payment provider and request refunds via the platform (App Store / Google Play) if developer support is unresponsive.

  • 5

    Limit sharing sensitive data (children’s exact locations) with the service until you’re satisfied with its security posture and privacy policy.

Evidence & Citations

🕵🏻 Keep investigating

Recommended → 🌐 Scan another website

Run another instant due diligence scan on any website URL. Verify before you trust!

 Spot fake SaaS login pages before handing over credentials

Phishing crews spin up carbon-copy login portals for CRM and finance tools, siphoning credentials before users realize t...

Read playbook → Analyze giveaway landing page phishing

Giveaway pages entice with consoles or flights, then harvest card data and selfies “for verification.” ScamAI checks reg...

Read playbook →

Community feedback

Not rated yet

0 reviews published

5 stars 0%
4 stars 0%
3 stars 0%
2 stars 0%
1 star 0%

Leave a review

Reviews

No public reviews yet. Be the first to share your experience.