← All datasets

LinkSort #29

Jul 7, 2026

968,055
Records
1
Files
Jul 7, 2026
Added

A credential stuffing / stealer log compilation in URL:username:password format. The file contains thousands of plaintext credentials across hundreds of different websites including social media (Facebook, Twitter, Instagram), gaming platforms (Roblox, Garena, Steam), financial services (EPF India, GST India, Maybank), and various other services. The data spans multiple geographies with notable concentrations of Vietnamese, South African, Indian, and Malaysian users. This appears to be part of a numbered series of sorted credential lists ('LinkSort') derived from infostealer malware logs.

Data found in this dataset

Usernameskip

Search this dataset

Scoped to this dataset. Fill any combination — results match if any field hits.

Source files

Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.

LinkSort_29.txt
3 columns968,055 rows

File structure

Source columnMapped fieldConfidenceLLM assessment
0usernamehighcontains URLs, app package names, IPs, and service identifiers — typical for account identifiers in stealer logs
1passwordhighvalues include plaintext passwords, password hashes, and special-character patterns typical of credentials
2skiphighcontains empty strings, placeholders ('?'), or non-PII tokens; no consistent PII pattern observed

Notes: Combo list from 'LinkSort' infostealer logs. Format is URL/app:username:password or similar. Second field contains credentials; third field often empty or placeholder.