Oath.wyzecam.com using jquery hosted in China... why?

I block traffic in/out of my home network by geographic location of the remote endpoint. I was having a lot of problems trying to login to the forums and eventually realized that jquery wasn’t being loaded. The URL to retrieve it was https://cdn.bootcss.com/jquery/3.3.1/jquery.min.js. This request was being blocked by my firewall rule. I looked up the IP that the hostname was resolving to; (for me, I realize this is a CDN) and ran a search on arin.net. Sure enough, Chinese registrar.

I then ran a traceroute and sure enough, see the route traversing to China.

Am I off-base here, or is there something potentially fishy?

1 Like

It’s concerning, but never attribute to malice that which can be explained by lazy copy and paste coding.

Hitting that URL loads it in plain text so I’m assuming the latter for now…

Okay what I wrote was a bit silly. They’re using that company for services and it’s not a matter of reusing code on Wyze’s servers.

The question is whether it’s “okay” with US users. A couple of years ago Wyze went to some pains to make sure their P2P provider TUTK excluded non-US servers for Wyze customers. I don’t think the same attention was paid to these subsystems.

CDN’s or content delivery networks are very often used for different frameworks associated with all the HTML code in the web pages. The advantage for the web developer in using a CDN is it a lot of users were already have certain files cached on there computer or phone. Bootstrap is a popular mobile-friendly HTML framework. Since web developers are using a dozen different frameworks approximately, visitors to one bootstrap site who visits another bootstrap site will not require an additional download of certain JavaScript and CSS files.

Smart developers will test their website using gtmetrix.com to ensure the website is fast loading and the code wasn’t sloppy.