Yes, it's odd to me that everyone has to serve some random JS from some random ( to me very untrusted) third party cdn server. Why every single random site has to have like 8 different domains with random character variations and serve javascript from it. To me that seems completely bonkers, absolutely unstrustworthy and extremely lame, as if they have no actual money to do it like a normal person.
Like FB serving stuff from facebook dor com but also from random, lame domain fbcdn AND also fbsbx (wtf is that???!?, i dont trust it at all). And thats on the "reasonable side", random wordpress site or eshop is a complete nightmare in this regard.
The reason used to be performance, but now with modern browsers and especially HTTP3 I doubt that is true anymore.
I guess the separation into CDN and non-CDN stuff could still make sense since you can serve static resources from even closer to the user than you serve your dynamic stuff while avoiding having the CDN proxy traffic to the website backend.
