This has great potential for (fraudulent) advertising and even attempting to phish someone or infect them with malware if they clicked on such links. It was only a matter of time before someone would use it for bad purposes.
If you didn't give someone your node ID, could they have gotten it from other parties that were on the receiving/giving end of LN transactions with you?
Does the LN software you use record such data?
As I mentioned on the other thread here, I was using LND. Latest version, at the time. There was only one channel open - Voltage-C2 - so I could not have been able to route any payments at the time.
Maybe someone was scraping the IDs if everyone's nodes and sending them all a 1sat transaction. Wouldn't be expensive to pull off at all given how few LN nodes there are.
Also, the transaction UI I posted is from a commercial LN analytics, so I imagine this info is embedded inside the BOLT11 invoices themselves.