Domain Due Diligence
Report for Family-locator.com
Why we think so
Family-locator.com is a long-running family-tracking site (domain created in 2015) with substantial traffic (~624k visits/month). It uses reputable infrastructure (Cloudflare, Amazon CloudFront, Stripe for payments) and has valid SSL, so the site is technically legitimate. However, there are two strong trust concerns: a documented 2019 data leak that exposed roughly 280,000 users’ location data, and recurring user complaints about unwanted subscription charges and refunds. No Google Safe Browsing or crypto-blacklist flags were found. Verdict: ⚠️ Suspicious — likely real but handle payments and personal data with caution.
Risk Insights
Major privacy incident on record
Operationally real but customer-service issues exist
Contradictory Signals
Technical legitimacy and usage scale conflict with serious historical privacy failures and customer-service problems.
Signal A: High traffic, mature domain, reputable infrastructure
Signal B: Documented data leak and repeated billing complaints
Category Scores
Red Flags & Warnings
-
Documented 2019 database leak exposed tens/hundreds of thousands of users' real-time location data, including children — major privacy incident.
-
Multiple user complaints about unexpected subscription charges and denied or difficult refunds on app stores and support forums.
-
Some related subdomains and older site instances were flagged as ‘older / unavailable’ by automated reputation checks, suggesting maintenance/consistency issues.
🔎 Detailed Checks & Analysis
Domain age & registrar
Domain age & registrar
"An older registration (2015) reduces the chance this is a throwaway scam domain, but age alone doesn't guarantee safe practices."
Reason: Domain created in 2015 and registered via GoDaddy suggests long-term presence and continuity.
Technical hygiene (SSL, DNS, hosting)
Technical hygiene (SSL, DNS, hosting)
"SSL is valid (wildcard for *.family-locator.com); DNS shows Cloudflare nameservers and standard MX/TXT records for Google Workspace and Zendesk."
Reason: Valid SSL certificate and use of Cloudflare / Amazon infrastructure indicates competent technical operations.
Third‑party integrations & payments
Third‑party integrations & payments
"Presence of Stripe and Google Analytics suggests conventional payment and telemetry flows; still verify payment receipts and refund paths before purchase."
Reason: Stripe present for payments and standard analytics/tools are in use, which supports normal business processes.
Traffic & popularity
Traffic & popularity
"Large user base can be reassuring, but high traffic also increases impact of any security or billing problems."
Reason: High monthly traffic (~623k) and search-driven visitor share imply a widely-used service.
Reputation & user complaints
Reputation & user complaints
"App-store reviews and forum posts describe billing disputes; automated reputation checks list mainly negative user feedback even where scans mark the site technically safe."
Reason: Multiple user reports of unwanted charges and refund difficulties lower trust in customer practices.
Privacy & security history
Privacy & security history
"The data-exposure event is a high-severity incident for a geolocation product; check whether the vendor published a post-mortem or implemented fixes."
Reason: A 2019 incident exposed real-time location records for ~280,000 users — a significant security breach for a location-tracking service.
Your Next Steps
-
1Avoid entering payment details until you confirm refund and trial policies; if you must subscribe, use a card you can monitor and cancel quickly.
-
2Search App Store / Play Store purchase history and developer responses for the exact app tied to this domain before paying.
-
3If you used the service in the past, check for signs of the 2019 leak (unexpected location-related messages) and rotate any account credentials.
-
4Report unwanted charges to your payment provider and request refunds via the platform (App Store / Google Play) if developer support is unresponsive.
-
5Limit sharing sensitive data (children’s exact locations) with the service until you’re satisfied with its security posture and privacy policy.
Evidence & Citations
-
SimilarWeb site analytics for family-locator.com (Sep 2025)
Shows ~623,656 visits in Sep 2025, bounce rate ~48.6%, and top country share (US ~19.6%).
-
Technology and integrations detected (Cloudflare, Amazon CloudFront, Stripe, Google Analytics)
Scan found Cloudflare nameservers, Amazon hosting, Stripe payments, Zendesk support and standard analytics tags — consistent with an operational product.
-
WHOIS, DNS and SSL details for family-locator.com
WHOIS shows registrar GoDaddy and creation timestamp in 2015; MX/TXT records indicate Google Workspace and Zendesk; SSL is valid and issued by Amazon RSA.
-
Aggregated findings and user-reports (billing complaints, 2019 data leak)
Contains references to user complaints about charges/refunds and to media/security reports documenting a 2019 database leak that exposed location data for ~280k users.
-
Site contact scrape
Public support pages list help@family-locator.com and support@family-locator.com and social profiles (Facebook, Instagram, Twitter).
-
Google Safe Browsing & crypto blacklist checks
No active Safe Browsing threats detected for the domain.
-
Crypto scam blacklist check
Domain not found on crypto-scams blacklist.
-
USPTO trademark search for 'family-locator.com'
No matching trademark records returned for the query.
🕵🏻 Keep investigating
Run another instant due diligence scan on any domain. Verify before you subscribe or shop!
Scammers clone legitimate ticket exchanges or invent resale hubs that require wire transfers and Zelle deposits. ScamAI...
Read playbook →Pseudo-news portals scrape legitimate outlets, tack on fake star ratings, and funnel traffic to shady merchants. ScamAI...
Read playbook →