MalwareTips
Security Review

Is jns-henderson.io legit or a scam?

Our verdict:Dangerous· 18/100

A malicious investment scam domain impersonating Janus Henderson Investors through typosquatting and brand cloning to harvest user credentials.

Top reasons
Domain is a typosquat of the legitimate janushenderson.com brand.Identified as a clone site by our fingerprinting analysis.No business registration or legitimate corporate contact information exists.
jns-henderson.ioScanned 1h ago
Post Facebook
0
Trust score
DANGEROUS
Heuristics 32·MT 12
Category tags
investment scamphishing#investment scam#clone site#phishing95% MT confidence

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
Registration date unknown
MT Intelligence
Dangerous
Critical likelihood · 95% confidence
DANGEROUS

Brand impersonation — not the real site

A malicious investment scam domain impersonating Janus Henderson Investors through typosquatting and brand cloning to harvest user credentials. This page is styled as a brand but is not the brand's real site. Go to the official site directly, and treat any download, login, or payment request here as unsafe.

Website Preview

Screenshot of jns-henderson.io
LIVE RENDER
jns-henderson.io

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust12/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The domain jns-henderson.io is a clear typosquat of the legitimate financial firm Janus Henderson. Our threat-intelligence layer identified it as a clone of the official site, following a pattern of recently registered domains used for investment fraud. While the page currently shows a default server message, this is a common tactic for staging phishing attacks before they are fully deployed. The official company has issued warnings about exactly this type of brand impersonation. Given the lack of business registration and the suspicious naming convention, this site poses a high risk to users.
Full dossier
Analysis complete

Page Content

The site currently displays a default server welcome page, which is a frequent indicator of a newly established phishing infrastructure. There are no contact details, physical addresses, or legitimate business disclosures present on the domain.

Infrastructure

The domain is hosted on a server with an IP that has been linked to other suspicious finance-themed lookalike sites. It utilizes a short-term security certificate to appear secure, though it lacks any verifiable corporate backing.

Domain History

Registered very recently in June 2026, the domain has no established traffic or reputation. The use of 'jns' (a former stock ticker for Janus) combined with the brand name is a calculated attempt to deceive investors who might recognize the abbreviation.

Web Reputation

Our research confirms that similar domains in this specific naming block have already been flagged by security engines for phishing. Major financial institutions have specifically warned against these types of clones that use altered spellings to trick customers.
Risk Factors
6
  • Domain is a typosquat of the legitimate janushenderson.com brand.
  • Identified as a clone site by our fingerprinting analysis.
  • No business registration or legitimate corporate contact information exists.
  • Part of a known pattern of suspicious finance-themed lookalike domains.
  • Official brand warnings exist regarding impersonators using this specific naming style.
  • Zero traffic ranking and very recent registration date.
Positive Signals
1
  • The hosting IP currently has a low abuse report count.
AI Recommendation
Do not enter any personal or financial information on this site. If you are looking for Janus Henderson Investors, only use their verified official domain.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for jns-henderson.io, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Clones janushenderson.com
The page impersonates a well-known brand's site.
Typosquat check
Typosquat of janushenderson.com
Deliberate misspelling of a real brand's domain.
Web mentions
2 scam reports
Key findings
7 headline facts from open-web research
  • The domain jns-henderson.io returns a default "Welcome to nginx!" page, indicating it is a freshly set up server with no content deployed.
  • Very similar domain jns-henderson.com (registered June 9, 2026) was scanned days ago, flagged by 2/91 engines, scored 30/100 trust, and identified as mimicking Janus Henderson Investors investment platform.
  • Janus Henderson officially warns about fraudsters creating cloned/impersonating websites using name variations and branding to phish users (examples include altered spellings like jnushenderson.com).
  • No search results, reviews, complaints, or mentions of jns-henderson.io specifically were found across web, Reddit, PhishTank, or security databases.
  • No business registration, contact info, or legitimate ties to the real Janus Henderson (official site: janushenderson.com) could be located.
  • Domain appears to be part of a pattern of recent (June 2026) suspicious finance-themed lookalike domains hosted with nginx and Let's Encrypt certs.
  • No established traffic, ranking, or online presence; consistent with newly registered potential phishing or credential-harvesting sites.
Scam reports (2)
Direct quotes from public scam databases, forums, and news.
  • PCrisk Scanneropen

    "jns-henderson.com appears to present itself as an investment and market-access platform under the name “Janus Henderson Investors.” ... The domain was registered only 8 days ago, has no established traffic ranking, and was flagged by 2 out "

  • Janus Henderson Officialopen

    "Fraudsters often use Janus Henderson Investors branding and logos on correspondence, webpages, and social media accounts that they have created ... Impersonating, cloning, or otherwise claiming to represent Janus Henderson Investors - varia"

Impersonation / typosquat
Typosquat of janushenderson.com

Domain name 'jns-henderson' is a clear abbreviation/variation of 'Janus Henderson' (JNS was the old ticker for Janus Capital). Page serves default nginx welcome, common for newly deployed scam/phishing sites. Similar jns-henderson.com flagged as brand impersonation.

Research summary
Narrative write-up from our AI analyst, grounded on the facts above
We found official warnings from Janus Henderson Investors regarding fraudsters cloning their branding on lookalike domains. Security research outlets have flagged the related domain jns-henderson.com as a phishing threat. No legitimate business registration or positive reviews exist for this .io version, which fits the profile of a temporary scam site.

Scam Network Intelligence

Cross-site correlation

This site shares signals with a broader cluster

Critical cluster

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score
0/100
ClearLowModerateHighCritical
Evidence (2)
  • Evidence confirms this site is a clone of janushenderson.com.
  • Domain is a typosquat of janushenderson.com.
Linked signals (2)
Clone of janushenderson.comTyposquat of janushenderson.com

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious57Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not in pass
ESET-NOD32
Not in pass
Avira
Not in pass
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Clean
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Encryption Certificate
StatusValid
ProtocolTLSv1.2
IssuerLet's Encrypt · YR1
ExpiresSep 20, 2026 (89d)
Self-signedNo
Hosting & Technology
HostingSERVERS TECH FZCO
Server locationNL
Web servernginx/1.18.0 (Ubuntu)

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPSERVERS TECH FZCO
Usage typeData Center/Web Hosting/Transit

Scam-Type Likelihood

2 scam-type patterns detected
Scam-Type Likelihood

2 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Brand Impersonation
Brand Impersonation
Moderate likelihood
50/100
  • Domain is a typosquat of janushenderson.com.
  • AI analyst tagged this as a brand / clone-site impersonation.
  • Clustered with known brand-impersonation infrastructure.
Phishing
Moderate likelihood
35/100
  • Domain is a typosquat of janushenderson.com.
  • AI analyst tagged this as phishing / data-harvesting.

Brand impersonation detected

This page is styled as a known brand but is not the brand's real site.

  • Do not interact with jns-henderson.io

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Go to the brand's real site directly

    Type the brand name into a search engine or open it from your bookmarks — don't use links from emails, SMS, ads, or social posts, which are the delivery vectors for impersonation.

  • Never download or sign in here

    Even if the page "just" offers a download or a giveaway, impersonation pages frequently deliver malware or set up follow-up phishing. Assume anything accepted from this site is hostile.

  • Report the impersonation to the brand

    Most major brands have a dedicated abuse or anti-phishing reporting channel — reporting helps them take the site down and protects other users.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

nginx.orgnginx.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags jns-henderson.io as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — jns-henderson.io scored 18/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. jns-henderson.io presents a valid TLSv1.2 certificate issued by Let's Encrypt · YR1, expiring in 89 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • No. All 92 antivirus engines in our malware network report jns-henderson.io as clean.
  • No. jns-henderson.io is not currently listed on the major browser blocklist feeds that modern browsers use.
  • jns-henderson.io resolves to an IP operated by SERVERS TECH FZCO in NL (usage type: Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 22, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around jns-henderson.io have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·jns-henderson.io
DANGEROUS

This site is a malicious impersonation of Janus Henderson Investors designed to steal financial credentials. It uses a typosquatted domain name and shows clear signs of being part of a coordinated phishing network. You should avoid entering any information on this page.

Do not enter any personal or financial information on this site. If you are looking for Janus Henderson Investors, only use their verified official domain.

AV engines
92
MT passes
2
Net signals
2
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust73
nobleclothing.in
33m ago
Read the review
Dangeroustrust1
pariwarhousing.com
33m ago
Read the review
Dangeroustrust1
snapsource.net
34m ago
Read the review
Dangeroustrust34
5movierulz.legal
36m ago
Read the review
Dangeroustrust33
bato.onl
2h ago
Read the review
Dangeroustrust29
spinraze.com
2h ago
Read the review
Dangeroustrust1
officedeskego-dp8bsedoxuio.edgeone.dev
2h ago
Read the review
Dangeroustrust1
agenciarstributariacdr.eu.cc
3h ago
Read the review
Dangeroustrust38
aiaexprl.shop
3h ago
Read the review
Dangeroustrust1
vgsonx.com
4h ago
Read the review
Dangeroustrust1
kasihfoundation.org
4h ago
Read the review
Dangeroustrust1
visionstovictory.com
4h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.