Links are often treated more lightly than written text.
However, links contain a lot of information.
A URL can carry search terms, tracking parameters, referral IDs, session information, cloud-sharing owners, viewing permissions, and the destination of a shortened URL. Even if the surrounding text says nothing, the URL alone can reveal behavior or accounts.
If you are thinking about anonymity, pause once before sharing a link.
This article organizes the information to check before sharing a link.
URLs contain information
A URL is not just a page address.
Paths and query strings may contain search conditions, product IDs, campaign IDs, referral codes, referrers, and user identifiers.
| Information contained in a URL | Example | Caution |
| --- | --- | --- |
| Search term | Values such as q=privacy | What you were researching becomes visible |
| Tracking parameter | utm_source and similar values | Where someone came from or which campaign it was becomes clear |
| Referral ID | ref=, invite=, and similar values | Whose referral it was or which account it was becomes clear |
| Product or article ID | id=12345 and similar values | The target being viewed or operated on becomes clear |
| Session-like value | token=, session=, and similar values | Sharing it may be dangerous |
Strings such as example.com used for explanation should be treated as examples, not as introductions to real services.
When sharing an actual URL, check whether it has unnecessary parameters.
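The categories listed above, turned into a pre-share check as an added example (not code from the original article): it reports which query and fragment parameters fall into those categories and returns the URL with tracking, referral and session-like values removed. The key lists beyond the names given in the article, the function names and the sample URL are assumptions made for illustration.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Categories mirror the article's table. Keys beyond those named on the page
# (q, utm_source, ref, invite, id, token, session) are illustrative assumptions.
CATEGORIES = {
    "search term": {"q", "query", "search"},
    "tracking parameter": {"fbclid", "gclid"},  # any utm_* key is added below
    "referral ID": {"ref", "invite", "referrer"},
    "product or article ID": {"id"},
    "session-like value": {"token", "session", "sid"},
}
# Removed from the cleaned URL. Search terms and content IDs are reported but
# kept, because the link usually stops working without them.
STRIP = {"tracking parameter", "referral ID", "session-like value"}

def classify(key):
    """Map a parameter name to one of the article's categories, or None."""
    k = key.lower()
    if k.startswith("utm_"):
        return "tracking parameter"
    return next((cat for cat, keys in CATEGORIES.items() if k in keys), None)

def audit_url(url):
    """Return (findings, cleaned_url); findings is a list of (key, category)."""
    parts = urlsplit(url)
    findings, kept = [], []
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        cat = classify(key)
        if cat:
            findings.append((key, cat))
        if cat not in STRIP:
            kept.append((key, value))
    # Parameters can also sit after '#'; drop the fragment if one must go.
    fragment = parts.fragment
    for key, _ in parse_qsl(parts.fragment, keep_blank_values=True):
        cat = classify(key)
        if cat:
            findings.append(("#" + key, cat))
        if cat in STRIP:
            fragment = ""
    cleaned = parts._replace(query=urlencode(kept), fragment=fragment)
    return findings, urlunsplit(cleaned)

# Constructed sample URL, not a real link.
SAMPLE = ("https://example.com/article?id=12345&q=privacy"
          "&utm_source=newsletter&ref=alice&token=abc123#utm_medium=email")

if __name__ == "__main__":
    print(audit_url(SAMPLE))
```

The search term and article ID are reported but left in place, so the decision to share them stays with the person posting.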
Be especially careful with cloud sharing links
Cloud sharing links are different from ordinary web page links.
They may be set so anyone who knows the link can view them. The owner name, email address, profile image, folder name, edit history, comments, and viewer information may also be visible to the recipient.
| Check item | Reason to check |
| --- | --- |
| Owner display | A real name or workplace account may be visible to the recipient |
| Sharing scope | Check whether everyone who knows the link can view it |
| Edit permission | Check whether the recipient can change the content |
| Folder hierarchy | Check whether parent folder names contain personal information or project/matter names |
| Viewing history | Check whether it records who opened it |
Before sending a link, open it in another browser or another account and check how it appears to the recipient. The act of opening it for checking may itself remain as viewing history, access logs, owner notifications, or click measurement.
Information that is not visible on your screen may appear on the recipient's screen.
Do not trust shortened URLs as-is
You cannot tell the destination of a shortened URL from its appearance.
They are convenient, but anonymity requires caution. The creator of the shortened URL may be able to check click counts and times. The destination URL may also contain tracking parameters.
| Shortened URL issue | Explanation |
| --- | --- |
| Destination is not visible | The recipient has difficulty judging where they will go |
| Click measurement | Access times and counts may remain with the creator or service side |
| Tracking parameters | The destination URL may contain identifying information |
| Reliability | It may lead to a malicious page or a different page |
For anonymous activity, avoid shortened URLs, and if necessary, check the destination before sharing.
Detailed handling of shortened URLs is explained in an article about shortened URL risks.
Look at QR codes and invitation links the same way
Links are not only text strings.
QR codes, invitation links, share buttons, and in-app "add friend" links also contain URLs or identifiers. They only look like images or buttons; behind the scenes, links are used in the same way.
| Sharing format | Caution |
| --- | --- |
| QR code | The destination or identifier is hard to know until it is scanned |
| Invitation link | It may reveal whose invitation it is or which group it is |
| Share button | The app may add the sharing source or account information |
| Group join URL | It may connect with participant lists or administrator information |
| Map link | It may include home, workplace, meeting place, or search history |
When sharing a QR code, scan it yourself in advance and check the destination URL.
When sharing an invitation link, check how participants, administrators, the group name, and display names appear to the recipient.
Assume it will be forwarded in chat
Once you send a link, it can be forwarded.
Even if you trust the recipient, you cannot control that person's device, chat history, cloud backups, screenshots, or forwarding to another group.
| What happens through forwarding | Effect on anonymity |
| --- | --- |
| It is pasted into another group | The link reaches unintended people |
| It is screenshotted | Not only the URL, but also the sender name and time remain |
| A reply quotes it | Context and link are saved together |
| It is backed up to the cloud | It remains for a long time as chat history |
| It is reposted somewhere searchable | What was meant as limited sharing becomes public information |
Before sharing, check whether it is acceptable for this link to leave your control.
Look at the combination of link and text
Even if the URL alone is weak information, it can become a strong clue when combined with the surrounding text.
For example, if the text says "a nearby shop" and the link points to a specific store page, your usual places become visible. If the text says "a friend told me about it" and you post a link with a referral ID, your relationships or account may become visible.
| Combination | What becomes visible |
| --- | --- |
| Regional story + store link | Regular activity area or movement range is inferred |
| URL with search terms + post body | Interests or research topic become visible |
| Referral link + account | Referrer or registration relationship becomes visible |
| Cloud link + real-name owner | Anonymous post and real-name account connect |
| Shortened URL + posting time | Click measurement and behavior time connect |
Do not check a link by itself; look at it together with the surrounding text, posting account, and posting time.
Check steps before sharing
Before sharing a link, check in the following order.
1. Look for search terms, referral IDs, and tracking parameters in the URL
2. If it is a cloud link, check the owner name and permissions
3. If it is a shortened URL, check the destination
4. Look at it together with the surrounding text and check whether it reveals your usual places or account
5. Open it in another environment and check how it appears to the recipient
If you are unsure, you can choose not to post the link and explain only the service name or article title in text.
Think about whether posting the link itself is necessary.
Not sharing is also an option
If you want to protect anonymity, there are situations where it is better not to post a link.
If the link indicates specific usual places, a search term, an account, or a cloud owner, options include explaining only the summary in text, using a screenshot that leaves only the necessary range, or sharing it later after preparing it in a safer form.
However, screenshots can also include notifications, times, account names, and background information. Avoiding a link does not automatically make it safe.
What matters is not whether you use a link, image, or text, but checking what the other person can see.
Summary
Links may contain search terms, tracking parameters, referral IDs, cloud sharing information, owner names, viewing permissions, and other information.
Even if the surrounding text is safe, the URL may reveal an account or behavior.
Before sharing, check unnecessary parts of the URL, cloud sharing settings, the destination of shortened URLs, and the combination with the surrounding text.
A link is not minor information.
In anonymous activity, links are also subject to pre-publication checks, just like post bodies and files.
Related tools
OSINT directory
OSINT Framework
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.