As @mike suggests, that should be fine for now and your tracking is first party. Where sp.js loads from doesn’t impact that, only where the /i and /tp2 requests are sent. However it likely won’t be a reliable solution for long due to browsers clamping down on cookies which don’t have the SameSite attribute.
A couple of things you would likely benefit from:
- Upgrade your JS tracker to v2.17.3 so the JS set cookies (
domain_userid) have the SameSite attribute - Rename
sp.jsin your S3 bucket to something random (then the file won’t be blocked by ad blockers) - Look at how you can upgrade to the Stream Collector - You might find this helpful AWS batch pipeline to real-time pipeline upgrade guide
- A little more advanced but a good tip once you’ve upgraded, consider switching to
POSTrequests and creating a customPOST Pathfor your collector (again, helpful for avoid your data collection being swatted by Ad Blockers).