This site is only running HTTP not HTTPS which has become the preferred protocol since google started pushing for it. I imagine most hosters will offer it at no extra these days as certificates no longer cost the arm and a leg they once did.
With HTTPS all your traffic both to and from the site is encrypted so should anybody be snooping on your comminications they won't see anything more than which IP address you are in communication with. With HTTP everything is just plain text including any userid and password when you log in. This is more a theoretical risk than real unless you are on an open WiFi hotspot when in theory somebody could be collecting everything you do. In practice it's very unlikely that anybody would bother. Just make sure you don't use a password here that you use on anything you'd want to be sure was secure such as your email.
I used to host my own website and used
https://letsencrypt.org/ for my certificate to allow me to run HTTPS. I gave up running the site last year but still host a few personal odds and ends from a Raspberry Pi running at home amongst which is my signature image here and I still run HTTPS because the cost is zero and the overhead very low.
In reality you risk virtually nothing accessing any site using HTTP only except for entering payments. Your login details are theoretically exposed but I doubt anybody is going to take advantage of that.