Domain Due Diligence
Report for Family-locator.com
Why we think so
Family-locator.com is a long-running family-tracking site (domain created in 2015) with substantial traffic (~624k visits/month). It uses reputable infrastructure (Cloudflare, Amazon CloudFront, Stripe for payments) and has valid SSL, so the site is technically legitimate. However, there are two strong trust concerns: a documented 2019 data leak that exposed roughly 280,000 users’ location data, and recurring user complaints about unwanted subscription charges and refunds. No Google Safe Browsing or crypto-blacklist flags were found. Verdict: ⚠️ Suspicious — likely real but handle payments and personal data with caution.
Risk Insights
Major privacy incident on record
Operationally real but customer-service issues exist
Contradictory Signals
Technical legitimacy and usage scale conflict with serious historical privacy failures and customer-service problems.
Signal A: High traffic, mature domain, reputable infrastructure
Signal B: Documented data leak and repeated billing complaints
Category Scores
Red Flags & Warnings
-
Documented 2019 database leak exposed tens/hundreds of thousands of users' real-time location data, including children — major privacy incident.
-
Multiple user complaints about unexpected subscription charges and denied or difficult refunds on app stores and support forums.
-
Some related subdomains and older site instances were flagged as ‘older / unavailable’ by automated reputation checks, suggesting maintenance/consistency issues.
🔎 Detailed Checks & Analysis
Domain age & registrar
Domain age & registrar
"An older registration (2015) reduces the chance this is a throwaway scam domain, but age alone doesn't guarantee safe practices."
Reason: Domain created in 2015 and registered via GoDaddy suggests long-term presence and continuity.
Technical hygiene (SSL, DNS, hosting)
Technical hygiene (SSL, DNS, hosting)
"SSL is valid (wildcard for *.family-locator.com); DNS shows Cloudflare nameservers and standard MX/TXT records for Google Workspace and Zendesk."
Reason: Valid SSL certificate and use of Cloudflare / Amazon infrastructure indicates competent technical operations.
Third‑party integrations & payments
Third‑party integrations & payments
"Presence of Stripe and Google Analytics suggests conventional payment and telemetry flows; still verify payment receipts and refund paths before purchase."
Reason: Stripe present for payments and standard analytics/tools are in use, which supports normal business processes.
Traffic & popularity
Traffic & popularity
"Large user base can be reassuring, but high traffic also increases impact of any security or billing problems."
Reason: High monthly traffic (~623k) and search-driven visitor share imply a widely-used service.
Reputation & user complaints
Reputation & user complaints
"App-store reviews and forum posts describe billing disputes; automated reputation checks list mainly negative user feedback even where scans mark the site technically safe."
Reason: Multiple user reports of unwanted charges and refund difficulties lower trust in customer practices.
Privacy & security history
Privacy & security history
"The data-exposure event is a high-severity incident for a geolocation product; check whether the vendor published a post-mortem or implemented fixes."
Reason: A 2019 incident exposed real-time location records for ~280,000 users — a significant security breach for a location-tracking service.
Your Next Steps
-
1Avoid entering payment details until you confirm refund and trial policies; if you must subscribe, use a card you can monitor and cancel quickly.
-
2Search App Store / Play Store purchase history and developer responses for the exact app tied to this domain before paying.
-
3If you used the service in the past, check for signs of the 2019 leak (unexpected location-related messages) and rotate any account credentials.
-
4Report unwanted charges to your payment provider and request refunds via the platform (App Store / Google Play) if developer support is unresponsive.
-
5Limit sharing sensitive data (children’s exact locations) with the service until you’re satisfied with its security posture and privacy policy.
Evidence & Citations
-
SimilarWeb site analytics for family-locator.com (Sep 2025)
Shows ~623,656 visits in Sep 2025, bounce rate ~48.6%, and top country share (US ~19.6%).
-
Technology and integrations detected (Cloudflare, Amazon CloudFront, Stripe, Google Analytics)
Scan found Cloudflare nameservers, Amazon hosting, Stripe payments, Zendesk support and standard analytics tags — consistent with an operational product.
-
WHOIS, DNS and SSL details for family-locator.com
WHOIS shows registrar GoDaddy and creation timestamp in 2015; MX/TXT records indicate Google Workspace and Zendesk; SSL is valid and issued by Amazon RSA.
-
Aggregated findings and user-reports (billing complaints, 2019 data leak)
Contains references to user complaints about charges/refunds and to media/security reports documenting a 2019 database leak that exposed location data for ~280k users.
-
Site contact scrape
Public support pages list help@family-locator.com and support@family-locator.com and social profiles (Facebook, Instagram, Twitter).
-
Google Safe Browsing & crypto blacklist checks
No active Safe Browsing threats detected for the domain.
-
Crypto scam blacklist check
Domain not found on crypto-scams blacklist.
-
USPTO trademark search for 'family-locator.com'
No matching trademark records returned for the query.
🕵🏻 Keep investigating
Run another instant due diligence scan on any website URL. Verify before you trust!
Phishing crews spin up carbon-copy login portals for CRM and finance tools, siphoning credentials before users realize t...
Read playbook →Giveaway pages entice with consoles or flights, then harvest card data and selfies “for verification.” ScamAI checks reg...
Read playbook →