ScanMalware.com

Security Scan Report: hcm-internal.paycor.com

Redirected to: https://hcm-internal.paycor.com/authentication/signin?ReturnUrl=https%3A%2F%2Fhcm-internal.paycor.com%2Fportal%2F

Submitted: Mar 27, 2026, 2:39:49 AMCompleted: Mar 27, 2026, 2:41:18 AMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 2 countries across 9 domains to perform 11 HTTP transactions. The main domain is hcm-internal.paycor.com and was registered NaN years ago.

Submitted URL: https://hcm-internal.paycor.com

Effective URL: https://hcm-internal.paycor.com/authentication/signin?ReturnUrl=https%3A%2F%2Fhcm-internal.paycor.com%2Fportal%2FRedirected

The Cisco Umbrella rank of the primary domain is #27,718 of the top 1 million websites

AI Security Verdict

Safe Website

Confidence: 95%

0
Risk Score

The site appears to be a legitimate Paycor employee login portal with no detected threats.

Safety Factors
Brand domain matches meta description
Well‑established domain with long registration history
Cisco Umbrella ranking within top 100 K
No malicious Indicators of Compromise or IDS alerts
Login form aligns with legitimate employee portal
Domain age information unavailable

Details

Page Title

Paycor Login

Scan Type

public

Language

🇺🇸

English

(59% confidence)

Category

technology software

(37%)

Domain Information

You're looking at domain 'hcm-internal.paycor.com' on the commercial generic top-level domain (.com), featuring subdomain 'hcm-internal'. The core label 'paycor' covers 6 characters containing two vowels alongside 4 consonants. Breaking it apart gives 2 words: pay, cor. Median word length is 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://hcm-internal.paycor.com

Page Load Overview

7.42s
Total Load Time
109
HTTP Requests
19
Domains
3.7 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:59%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:59%
Script Type:Latin
Text Length:3,202 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software37% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
37%
blog personal website
32%
documentation technical
32%
government public service
29%
corporate business
28%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1934.36.213.229Kansas City, Missouri, United States
AS396982Google LLC
15184.30.220.67Germany
AS54113
15162.247.243.39United States
AS54113Fastly, Inc.
15104.18.86.42United States
AS13335Cloudflare, Inc.
1513.33.158.47Germany
AS20940
1540.121.154.48Washington, Virginia, United States
AS8075Microsoft Corporation
15142.251.141.136Germany
AS16625
1097--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T169834AC971D2A87217A306FAE16B5041F33650262649C864B79CEDF12FD98DDA232F7C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:01VDnvW8+/QowR10+3brc4jLpu8kRKAefL:GVDnvg/Xw30+0ku8kRKfL

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:87564:kDAGsBJAsEBynZBwJCCGgAgAJKEARgCUAqI3hJyYCi0C4FQgkHgQQaEEEAAEGAMETlBxSBWpekABDCABAECAZDAo4SBAjQEJ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data