← All datasets

LinkSort #60 Stealer Logs

Jul 7, 2026

999,194
Records
1
Files
Jul 7, 2026
Added

A credential stuffing / infostealer log compilation labeled 'LinkSort #60', containing URL:username:password triplets harvested from various websites. The data appears to be West African (primarily Côte d'Ivoire) in origin based on domains like uvci.edu.ci, farfarci.com, djoganapayci.com, and French-language services. Contains plaintext credentials for Google, Facebook, Instagram, Netflix, Apple ID, Snapchat, PayPal, and dozens of other services. This is a stealer log sorted/compiled file, not a breach of a single company.

Data found in this dataset

Usernameskip

Search this dataset

Scoped to this dataset. Fill any combination — results match if any field hits.

Source files

Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.

LinkSort_60.txt
3 columns999,194 rows

File structure

Source columnMapped fieldConfidenceLLM assessment
0skiphighcontains URLs, internal IDs, sequence numbers, timestamps, or non-PII data
1usernamehighcontains email addresses, user handles, and other identifiers used for account access
2passwordhighcontains password hashes, plaintext passwords, and other credential strings

Notes: Combo list containing URL/service identifier, username (often email), and password. Data originates from West African (primarily Côte d'Ivoire) sources based on domains and language. Contains credentials for major services like Google, Facebook, Instagram, Apple ID, PayPal, Netflix, and Snapchat, harvested from infostealer/credential stuffing logs.