LinkSort #22 Stealer Log Compilation
Jul 7, 2026
A stealer log / credential stuffing compilation labeled 'LinkSort #22'. The file contains URL:username:password triplets harvested from infostealer malware across multiple victims. Credentials span a wide range of services including social media (Facebook, Instagram, Twitter, TikTok), gaming platforms (Rockstar, Epic Games, Roblox, Battle.net), Microsoft/Google accounts, PayPal, Adobe, and also includes router/device admin credentials for private IP addresses (Ubiquiti firmware endpoints). Victims appear to be located across multiple countries including El Salvador (mined.edu.sv/mined.gob.sv), Brazil, and the UK/US. No single breached company is the source — this is an aggregated infostealer log dump.
Data found in this dataset
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
LinkSort_22.txt3 columns999,898 rows
File structure
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 0 | skip | high | contains URLs, IP addresses, or service identifiers; not usable PII |
| 1 | username | high | contains email addresses, usernames, or account identifiers used for login |
| 2 | password | high | contains passwords, password hashes, or credentials |
Notes: Combo list containing URL/IP/service identifier, username/email, and password. Most entries are from infostealer logs targeting gaming, social media, Microsoft/Google, Adobe, PayPal, and router admin credentials. Some entries use 'UNKNOWN' as username where the service does not require a username field.