Yeah, this seems rather nifty, but I'd want a lot more details about how the unique URL is generated, what protections there are against people trying to brute-force URLs to stumble upon money, and how the server/wallets are secured before using it for anything serious.
The URL contains 16 bytes of random data. I hope an attacker will do the math before wasting his and my bandwidth. Right now there isn't any sophisticated throttling implemented. Let's see how long until I have to deal with some trouble maker.
This is a serious issue if someone under the control of a botnet points it at your site. They could implement throttling on their end (so as to avoid DDOS) and yet still hit you from so many IPs. This service's security is mere obscurity (which would be fine as *one* layer--but not the only). You should think about at least extending the random URL out to the max size allowed (or near it). There's no downside to that.