ssndob.cc
Feb 23, 2014
Web server access logs from SSNDOB (ssndob.cc), an underground marketplace that sold Social Security Numbers and dates of birth of US individuals. The logs dated February 23, 2014 capture HTTP requests including login and registration events with plaintext credentials visible in POST request logs. SSNDOB was a cybercriminal service that traded in PII including SSNs, DOBs, and other personal data on millions of Americans.
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
ssndob.txt341,660 rows
File structure
Notes: This is a web server access log file (Apache combined log format), not a structured PII database. Each line represents an HTTP request to the SSNDOB marketplace. While the logs contain embedded PII in POST request parameters (usernames, passwords, emails, search queries with names/locations), there is no consistent columnar structure — the log lines have varying lengths and content types (GET requests, POST requests, static asset requests). The file should be processed by a streaming pattern extractor to identify and extract usernames, passwords, emails, and search parameters containing personal data (firstname, lastname, state, city, zip) from the query strings and POST bodies.