Unless that’s a disguised redirect link, I’m wondering if the server somehow mistakenly hosted it here. Or possibly the image was already hosted on Lemm.ee, and the server software decided to list the match link rather than the new one you provided.
If it sounds like I’m trying to make something out of nothing, I’m just concerned that there might be an image loophole attackers might use, as with what happened to Lemmy.World some weeks back.