DANGEROUS

Fake pop-ups & scareware — don't click or call

Typosquat YouTube downloader that triggers push-notification spam and third-party redirects reported by users on Reddit and Quora. This page throws fake "you won a prize" or "your device is infected" pop-ups to push adware, browser-notification spam, unwanted extensions, or a fake "support" number. None of it is real — you didn't win, your device isn't infected, and every "Allow", "Download", or "Call" prompt leads to junkware or a scam. Close the tab, don't click "Allow" on any notification request, don't install anything, and never call a number it shows. If you already allowed notifications or installed something, revoke the permission and run a reputable adware / malware cleaner.

Security Review

Is loaderr.to legit or a scam?

Yes — this is almost certainly a scam.

Do this now:close this page. Don't enter passwords or card details, and don't download anything.

Typosquat YouTube downloader that triggers push-notification spam and third-party redirects reported by users on Reddit and Quora.

Cross-checked against 8 independent sources 1 raised a concern
loaderr.toScanned 3h ago
0/100
Trust score
0 = danger · 100 = safe
DANGEROUS
Score breakdown
Heuristics 28·MT 40
Screenshot of loaderr.toSee the live page ↓
Category tags
downloaderadware riskHow sure we are: Moderate
Technical red flags (3)
Push-Notification SpamScam-network signals (65/100)Typosquat of loader.to
Positive signals (4)
Antivirus clearNot on major blacklistsEncrypted connectionClean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

What this means for you

You were probably about to click 'Allow', 'Download', or a 'fix'/'claim' button.

Nothing is actually wrong with your device and you didn't win anything — those buttons install adware, spam notifications, or lead to a fake-support scam.

How this scam works

The trap, step by step

  1. A pop-up screams “Congratulations, you won!” or “Your device is infected!”.

  2. A fake countdown or alarm manufactures panic and urgency.

  3. Clicking “Allow”, “Download”, “Scan now”, or “Call support” is the trap.

  4. You get adware, spam notifications, and junk extensions — or a fake phone-support scam.

Recognising the pattern is the best defence — if a site follows these steps, close it and don't enter anything.

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
Registration date unknown

Website Preview

Visual analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

25
/ 100
Moderate visual risk

Visual red flags detected in the screenshot

The website appears to be a standard video downloader tool with a professional design and no immediate visual indicators of a scam or phishing attempt.

Visual risk25/100

What our vision model saw

5 signals

The site provides a YouTube video downloader service which often exists in a legal gray area.

The layout is clean and professional with a functional URL input field and format selector.

No fake trust badges, countdown timers, or intrusive pop-ups are visible in the screenshot.

The site includes a clear disclaimer regarding the download of copyrighted material.

Logos for supported platforms like YouTube, Facebook, and TikTok are displayed correctly.

Intelligence

Advanced threat intelligence
Analysis
Moderate scam likelihoodengineMT · Guardiantrust40/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The site presents itself as a functional YouTube downloader with a clean layout and format options. Our sandbox and antivirus network returned clean results with no malware detections. The domain loaderr.to is explicitly flagged as a typosquat and clone of the established loader.to, sharing the same interface and ad infrastructure. Evidence from Reddit, Quora, and TuneCable shows repeated complaints about browser notification spam, fake system-infection pop-ups, and redirects to third-party downloaders. The page requests push-notification permission, a known vector for malvertising. These combined signals place the site in the suspicious category despite the clean engine scan.
Risk Factors
4
  • Domain is a typosquat and clone of loader.to sharing the same ad infrastructure.
  • Page requests browser push-notification permission, a common malvertising vector.
  • Multiple user reports on Reddit and Quora describe notification spam and redirects to fake downloaders.
  • External scripts loaded from push-sdk.com and byclickdownloader.com indicate third-party ad networks.
Positive Signals
4
  • Zero detections across 92 antivirus engines.
  • Valid SSL certificate issued by Google Trust Services.
  • Hosting IP shows zero abuse reports.
  • Clean layout with functional format selector and no fake trust badges.
The full analysis

Page Content

The page offers a YouTube downloader with options for video formats up to 4K, audio extraction including MP3, WAV, and FLAC, and playlist support. A clear disclaimer states the service does not allow copyrighted material downloads. The layout includes a URL input field and format selector with no visible countdown timers or fake trust badges.

Infrastructure

The site loads from IP 172.67.185.136 with a clean abuse score of 0/100 and no reported abuse. SSL is valid and issued by Google Trust Services. External scripts are loaded from googletagmanager.com, push-sdk.com, cdn.jsdelivr.net, and several other domains including video-download-api.com and byclickdownloader.com. The page requests browser push-notification permission on load.

Domain History

WHOIS data was unavailable for loaderr.to. The domain is identified as a typosquat of loader.to and functions as a clone sharing the same interface and ad-delivery infrastructure. No business registration records were located.

Web Reputation

Three scam reports were found across Quora, Reddit, and TuneCable describing excessive notification spam, fake virus alerts, and redirects to unwanted software. One positive review on BuildMyPlays praised audio quality. Independent review aggregators were not available for this domain. The site carries a low trust score on third-party trust sites due to proximity to high-risk advertising activity.

What this means for you

Using the downloader itself may work for media extraction, but clicking download buttons or allowing notifications has led users to unwanted software and scam pop-ups. Avoid granting notification permissions and do not download any suggested additional software from redirects.

AI Recommendation
Do not grant push-notification permission. If you need a YouTube downloader, consider established desktop software instead of browser-based services that rely on aggressive advertising.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for loaderr.to, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Clones loader.to
The page impersonates a well-known brand's site.
Typosquat check
Typosquat of loader.to
Deliberate misspelling of a real brand's domain.
Web mentions
3 scam reports · 12 complaints · 1 positive
Key findings
5 headline facts from open-web research
  • The site is a YouTube downloader that generates revenue through aggressive third-party advertising and redirects.
  • Users frequently report deceptive 'System Infected' or 'Update Flash Player' pop-ups triggered by clicking download buttons.
  • The domain loaderr.to is often flagged for push-notification spam, which delivers repetitive scam alerts to the user's desktop.
  • While the downloaded media files themselves are often clean, the site frequently redirects to pages prompting the installation of unwanted software (PUAs) or 'ByClick Downloader'.
  • Security scanners like Scam-Detector give the domain a low trust score (10.8/100) due to proximity to high-risk activity.
Scam reports (3)
Direct quotes from public scam databases, forums, and news.
  • Quoraopen

    "YouTube MP3 Playlist Downloader Online - Loader.to was sending me excessive notifications to my browser... spams and scams telling me my system was infected."

  • Redditopen

    "The only 'dumb' thing you can ever do on those 'youtube to mp3' sites is saying yes to notifications... that's where you'll get the 'you have a virus' pop ups."

  • TuneCableopen

    "During testing, we found that this site puts a fake download button that redirects to 3rd-party sites... trick you into downloading fake 'downloaders' or 'codecs'."

Positive reviews (1)
Quotes indicating the site is legitimate.
  • BuildMyPlaysopen

    "Loaderr.to delivers exceptional audio quality for a free online service, producing WAV files with true lossless specifications of 1411 kbps."

Impersonation / typosquat
Typosquat of loader.to

Loaderr.to (with double 'r') is a known alternative or mirror of the more established loader.to, often sharing the same interface and ad-delivery infrastructure.

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

Our research found three scam reports on Quora, Reddit, and TuneCable. Users described excessive browser notifications, fake system-infection pop-ups, and redirects to third-party downloaders after clicking download buttons. One positive review on BuildMyPlays praised the audio quality of WAV downloads. The domain is noted as a clone of loader.to with shared ad infrastructure.

Threat Detection

Scam Network

Cross-site correlation

This site shares signals with a broader cluster

Critical cluster

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score
0/100
ClearLowModerateHighCritical
Evidence (2)
  • Evidence confirms this site is a clone of loader.to.
  • Domain is a typosquat of loader.to.
Linked signals (3)
cdn.jsdelivr.netClone of loader.toTyposquat of loader.to

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious57Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not queried
ESET-NOD32
Not queried
Avira
Not queried
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Not queried
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗

Scam-Type Likelihood

2 scam-type patterns detected
Scam-Type Likelihood

2 of 21 categories showed signals

We check every URL against 21 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Scareware & Fake Pop-ups
Scareware & Fake Pop-ups
High likelihood
100/100
  • Tagged as scareware / adware / malvertising.
  • Scareware / adware / notification-spam language in the tags.
  • Browser push-notification spam / 'click Allow' bait detected.
Brand Impersonation
Moderate likelihood
35/100
  • Domain is a typosquat of loader.to.
  • AI analyst tagged this as a brand / clone-site impersonation.

Technical Details

The plumbing behind the site — who registered it, how it’s encrypted, where it’s hosted, and where it links out. A valid certificate or a calm server doesn’t mean the business is honest — scam sites pass these checks too. Use this to corroborate the verdict, not to overturn it.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.
  • Page requests browser push-notification permission — common malvertising vector.
  • Scam family match: Push-Notification Spam.

Domain & Encryption

Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerGoogle Trust Services · WE1
ExpiresSep 9, 2026 (57d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS
Web servercloudflare

Redirect Chain

Hops
2
Cross-domain
No
Lookalike
No
Punycode
No
  • 1301http://loaderr.to/
  • 2301https://loaderr.to/
  • 3200https://loaderr.to/en/

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

What to do

Fake pop-ups & scareware

This page uses fake "you won a prize" or "your device is infected" pop-ups to push adware, browser-notification spam, unwanted extensions, or a fake support number — none of it is real.

  • Do not interact with loaderr.to

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Close the tab — don't click "Allow", "Download", or "Call"

    You didn't win, and your device isn't infected. Every "Allow notifications", "Download", "Scan now", or "Call support" button leads to adware, junk extensions, or a scam. Just close the tab — or the whole browser.

  • If you clicked "Allow", turn the notifications back off

    Open your browser's Site Settings → Notifications, find the site, and set it to Block (or remove it). That stops the spam pop-ups it now pushes to your desktop.

  • Remove anything it installed, then run an adware scan

    Uninstall any browser extension, "player", "codec", or app you added because of this page, and run a reputable free adware / malware cleaner (e.g. Malwarebytes) to clear leftover PUPs. And never call a number shown in a pop-up — real vendors don't do that.

    Open

Safer Alternatives

Trying to download software? Use a safe option instead

Downloading software? Get it from the maker's official site or an official app store — "cracked", "modded", or keygen downloads are one of the most reliable ways to install malware.

The vendor's official website

Search the product name + "official" and check the domain before downloading.

Microsoft Store

Vetted Windows apps.

Ninite

Bundles legitimate free apps from their real sources.

Suggestions for safety only — not endorsements. Always verify the address bar before signing in or paying, even on well-known sites.

Final Verdict

0
Trust / 100
Final Verdict·loaderr.to
DANGEROUS

Loaderr.to is a YouTube video and audio downloader. The domain is a typosquat of loader.to and multiple user reports describe aggressive push-notification spam and redirects to unwanted software.

Do not grant push-notification permission. If you need a YouTube downloader, consider established desktop software instead of browser-based services that rely on aggressive advertising.

AV engines
92
Domain age
Flagged
0
Scan another URL
Security review completemalwaretips.com/url-scan

Safety FAQ

Common questions, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • loaderr.to is a scareware / fake-pop-up page — the kind that flashes "Congratulations, you won!" or "Your device is infected!" alerts to push adware, browser-notification spam, unwanted extensions, or a fake support number. None of it is real — you didn't win, your device isn't infected, and its "Allow", "Download", and "Call" buttons all lead to junkware or a scam. Close the tab: don't click anything, don't allow notifications, and never call a number it shows.
  • No — loaderr.to scored just 20/100 on our trust scale, and we detected active threat indicators. We recommend avoiding it entirely: don't log in, pay, download anything, or connect a wallet.
  • Almost certainly not from just loading it. loaderr.to shows fake "you won a prize" or "your device is infected" pop-ups to scare or tempt you into clicking — the pop-up itself is the trick, not a real infection or a real prize. The danger is what happens if you act on it: clicking "Allow" turns on spam desktop notifications, and "Download", "Update", or "Scan now" buttons install adware, unwanted extensions, or PUPs. If you only saw the pop-ups and closed the tab, you're fine. If you clicked "Allow", block the site under your browser's Notifications settings; if you installed or downloaded anything, remove it and run a reputable free adware/malware cleaner (e.g. Malwarebytes). And never call a "support" number shown in a pop-up — that's a scam.
  • No. The "Congratulations, you won!" and "Your device is infected!" pop-ups on loaderr.to are fake — an automated ad-network page shows the same message to everyone who lands on it. You didn't win anything, and nothing actually scanned your device. The whole point is to get you to click: "Claim", "Allow", "Download", and "Call" all lead to adware, spam notifications, junk browser extensions, or a fake-support phone scam. Close the tab and don't click anything on the page.
  • If you're getting pop-ups even after closing the page, you probably clicked "Allow" on a notification prompt — the spam now comes from your browser, not the site. Open your browser settings → Site Settings → Notifications, find loaderr.to (and anything else you don't recognise), and set it to Block or remove it. Then uninstall any extension, "player", or app you added because of the page, and run a reputable free adware/malware cleaner (e.g. Malwarebytes) to clear leftover PUPs.
  • No — all 92 antivirus and blocklist engines in our malware network currently report loaderr.to as clean. That's a good sign, though antivirus coverage is only one of the many signals we weigh, and brand-new scam sites can appear clean before vendors catch up.
  • No — loaderr.to is not currently on the major browser blocklist feeds that Chrome, Safari, Firefox, and Edge rely on. Note that blocklists can lag behind brand-new scam domains, so "not listed" is reassuring but not a guarantee on its own.
  • loaderr.to resolves to an IP operated by Cloudflare, Inc. in US (Content Delivery Network). Hosting location alone doesn't make a site good or bad — but hosting that doesn't match a brand's claimed country, or that sits on networks known for abuse, is one of the many signals we weigh alongside the verdict above.
  • This report is a record of the scan run on July 13, 2026, and the verdict reflects that point in time. Scam sites change fast — they can go live, get flagged, or vanish within days — so if you believe something about loaderr.to has changed, MalwareTips staff can run a fresh scan that re-checks every signal from scratch and republishes an updated verdict.
Recently scanned

Other Dangerous reports

Browse all reports
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.