Popular malware/url analysis tools like urlscan.io, Hybrid Analysis, and Cloudflare radar url scanner store a vast amount of links for intelligence gathering and sharing, including private and sensitive links mistakenly submitted by users. These links contain various types of sensitive content like private files, shared secrets, smart home device recordings, and meeting recordings. There is a lack of responsibility from the platforms regarding the content submitted. Some links can be accessed by paying users. Methods to remove sensitive links from urlscan and Hybrid Analysis are available, but it may be challenging. This issue is likely to persist, highlighting the importance of being cautious when using these services.
https://vin01.github.io/piptagole/security-tools/soar/urlscan/hybrid-analysis/data-leaks/urlscan.io/cloudflare-radar%22/2024/03/07/url-database-leaks-private-urls.html