一直有陌生 IP 想看我服务器里的狂飙是为什么？

我在家里搭了一套服务器，向电信申请了动态公网 IP ，通过 DDNS 绑在一个域名上，用的高位端口，开了防火墙，用 Lucky 做反代。

然后我开了一个 AList 服务给我自己挂载网盘用，服务从未公开给任何人。

但是最近通过 LOG 文件发现，有人通过很多的肉鸡服务器，一直访问我 AList 目录下一个狂飙的资源（而且在我发现这个事情之后我第一时间删除了这个资源，但还是持续访问（肯定是无法成功访问的））：

2025/01/17 00:33:07
{"ExtInfo":{"ClientIP":"27.10.81.218 中国|重庆|重庆市|联通","Host":"alist.mywebsite.com:20404","Method":"GET","URL":"/d/夸克/来自：分享/狂飙/狂飙.2023.E13.WEB-DL.4K.H265.AAC-HDCTV.mp4?sign=ab4a9131bAVolZvK1S0PYMpOwpf3y3HXhrDVUGG5MLc=:0","UserAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36"},"level":"info","msg":"Upgrade [] Connection[keep-alive]"}
2025/01/17 00:33:07
{"ExtInfo":{"ClientIP":"27.10.81.218 中国|重庆|重庆市|联通","Host":"alist.mywebsite.com:20404","Method":"GET","URL":"/d/夸克/来自：分享/狂飙/狂飙.2023.E13.WEB-DL.4K.H265.AAC-HDCTV.mp4?sign=ab4a9131bAVolZvK1S0PYMpOwpf3y3HXhrDVUGG5MLc=:0","UserAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36"},"level":"info","msg":"[alist.mywebsite.com] access target url [http://192.168.0.209:5244/d/%E5%A4%B8%E5%85%8B/%E6%9D%A5%E8%87%AA%EF%BC%9A%E5%88%86%E4%BA%AB/%E7%8B%82%E9%A3%99/%E7%8B%82%E9%A3%99.2023.E13.WEB-DL.4K.H265.AAC-HDCTV.mp4?sign=ab4a9131bAVolZvK1S0PYMpOwpf3y3HXhrDVUGG5MLc=:0]"}
2025/01/16 23:53:56
{"ExtInfo":{"ClientIP":"59.51.225.47 中国|贵州省|铜仁|电信","Host":"alist.mywebsite.com:20404","Method":"GET","URL":"/d/夸克/来自：分享/狂飙/狂飙.2023.E13.WEB-DL.4K.H265.AAC-HDCTV.mp4?sign=ab4a9131bAVolZvK1S0PYMpOwpf3y3HXhrDVUGG5MLc=:0","UserAgent":"Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36"},"level":"info","msg":"Upgrade [] Connection[Keep-Alive]"}
2025/01/16 23:53:56
{"ExtInfo":{"ClientIP":"59.51.225.47 中国|贵州省|铜仁|电信","Host":"alist.mywebsite.com:20404","Method":"GET","URL":"/d/夸克/来自：分享/狂飙/狂飙.2023.E13.WEB-DL.4K.H265.AAC-HDCTV.mp4?sign=ab4a9131bAVolZvK1S0PYMpOwpf3y3HXhrDVUGG5MLc=:0","UserAgent":"Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36"},"level":"info","msg":"[alist.mywebsite.com] access target url [http://192.168.0.209:5244/d/%E5%A4%B8%E5%85%8B/%E6%9D%A5%E8%87%AA%EF%BC%9A%E5%88%86%E4%BA%AB/%E7%8B%82%E9%A3%99/%E7%8B%82%E9%A3%99.2023.E13.WEB-DL.4K.H265.AAC-HDCTV.mp4?sign=ab4a9131bAVolZvK1S0PYMpOwpf3y3HXhrDVUGG5MLc=:0]"}
2025/01/16 21:30:45
{"ExtInfo":{"ClientIP":"115.239.40.115 中国|浙江省|嘉兴市|电信","Host":"alist.mywebsite.com:20404","Method":"GET","URL":"/d/夸克/来自：分享/狂飙/狂飙.2023.E13.WEB-DL.4K.H265.AAC-HDCTV.mp4?sign=ab4a9131bAVolZvK1S0PYMpOwpf3y3HXhrDVUGG5MLc=:0","UserAgent":"Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36"},"level":"info","msg":"[alist.mywebsite.com] access target url [http://192.168.0.209:5244/d/%E5%A4%B8%E5%85%8B/%E6%9D%A5%E8%87%AA%EF%BC%9A%E5%88%86%E4%BA%AB/%E7%8B%82%E9%A3%99/%E7%8B%82%E9%A3%99.2023.E13.WEB-DL.4K.H265.AAC-HDCTV.mp4?sign=ab4a9131bAVolZvK1S0PYMpOwpf3y3HXhrDVUGG5MLc=:0]"}
2025/01/16 21:29:48
{"ExtInfo":{"ClientIP":"115.239.40.115 中国|浙江省|嘉兴市|电信","Host":"alist.mywebsite.com:20404","Method":"GET","URL":"/d/夸克/来自：分享/狂飙/狂飙.2023.E13.WEB-DL.4K.H265.AAC-HDCTV.mp4?sign=ab4a9131bAVolZvK1S0PYMpOwpf3y3HXhrDVUGG5MLc=:0","UserAgent":"Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36"},"level":"info","msg":"Upgrade [] Connection[Keep-Alive]"}

这个地址分布于全国各地，每天持续更换 ip 攻击，一小时几百次访问，我不得不开白名单，这也影响了我自己使用。

我有两个疑问想问问各位大佬：

1. 他是怎么知道我这个具体狂飙资源的地址的，我可以保证我从未分享过给任何人，但是我用过网易爆米花这款 app 并且挂载了我的 AList 的 WebDAV （目前早已卸载，并且只在手机使用 ios 客户端），这是我能想到的唯一可能获取到我具体内容的方式了，要么就是爬虫？空间搜索引擎可以做到吗？
2. 他持续访问我这个资源（为什么只有狂飙这一集？），能做到 AList 漏洞攻击到我的内网吗？这是什么攻击方式？我排查正常的访问没有后面这串mp4?sign=ab4a9131bAVolZvK1S0PYMpOwpf3y3HXhrDVUGG5MLc=:0，如果这是我的登录密钥，对方又是如何找到的？而且这样难道可以拿到我的写入权限？

还请各位赐教，谢谢。