Some CDNs like Akamai and Cloudflare have options to optimize images. We use the Akamai one where I work. It means our creative teams, customers, etc. don’t need to worry too much about whether an image is properly optimized when they upload it. Akamai will, behind the scenes optimize the quality, color palette, and image type (jpg, web, png, etc) and create a number of different versions of the images. Then when a client requests the image Akamai looks at the client device (mobile vs desktop, screen resolution, browser version, etc) and serves the copy of the image that’s best optimized for that device.
So even if the URL ends with .jpg you might be sent a .webp. If you use the browsers developer tool to inspect the response headers you’ll likely see the Content-Type header says it’s .webp as well.
I don’t understand why Cloudflare gets bashed so much over this… EVERY CDN out there does exactly the same thing. It’s how CDN’s work. Whether it’s Akamai, AWS, Google Cloud CDN, Fastly, Microsoft Azure CDN, or some other provider, they all do the same thing. In order to operate properly they need access to unencrypted content so that they can determine how to cache it properly and serve it from those caches instead of always going back to your origin server.
My employer uses both Akamai and AWS, and we’re well aware of this fact and what it means.