L.S.
Uri = -https://191.241.39.42:3000/sortDataThpt.html?col=-2&showH=0&showL=1
This is where it hosted and the accompanying vulnerabilties found there…https://www.shodan.io/host/191.241.39.42
port 3000 → Server: ntop/3.3 (i686-pc-linux-gnu)
No detections given here: https://www.virustotal.com/gui/url/09ce1e788c632db33796211b14bf265a0c012965ca4f29750a1df102d5e014b9/detection
neither here: https://www.virustotal.com/gui/ip-address/191.241.39.42/relations
Is it a downgrade attack? taskassist-pa.clients6.google.com HTTP Server, Flag for gTLD code com?
polonus