This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.
Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.
Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.
Interesting report on threat actor using XSS to phish Group-IB employess (via @simontsui) :
https://www.group-ib.com/blog/resumelooters/
At first glance these appear to be stored XSS attacks, so not relevant to xss-reflections.