Subnet 169.254.x.x (169.254.0.0/16) is called a "link local" address and is allocated when there is no authoritative DHCP server on the client's network. For example, your PC will assign 169.254.x.x to itself if you plug your PC into another device that has a functional ethernet connection but, has no functional TCP/IP stack. You get the message, "no or limited internet connection." Packets directed at link local addresses [should] never get routed.
Theory: The XHR target IP is crap JS code (that worked on their test LAN) that someone in a hurry copied verbatim and released without testing in the wild?
Or: Your browser/anti-virus is modifying the end point as to send traffic into a black hole?