KrOW It appears to be anti-bot / anti-scraping protection, from an nginx module that sends a "challenge cookie": https://fakrul.me/2013/11/30/nginx-testcookie-nginx-module/ The server does indeed appear to be running nginx: https://toolbar.netcraft.com/site_report?url=http://www.sololearnthings.epizy.com ...which supports this theory.

Do you mind posting a CodePlayground code exhibiting the above problem?

Brent Meeusen This is what is loaded on request: <html><body><script type="text/javascript" src="/aes.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("f655ba9d09a112d4968c63579db590b4"),b=toNumbers("98344c2eee86c3994890592585b49f80"),c=toNumbers("70af821429b250f6d4cdfcb39b9e95c8");document.cookie="__test="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"; location.href="http://www.sololearnthings.epizy.com/sldb.js?i=1";</script><noscript>This site requires Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript></body></html>

That anti-bot/scraping protection actually appears to be the problem, not only for some testing tools I have but for the SoloLearn app. When it decides that you're not a bot, it issues a "location.href =" .... but that's not supported in Sololearn's app (it's not available in the Android Webview component). The redirect link (in KrOW's answer) seems to just get more HTML which of course breaks the script. There may still be a solution to this but you may need to consider using a host or method that doesn't redirect like this.

Brent Meeusen You could search SoloLearn's Q&A for "hosting" (of course, there's a bias towards 'free' hosting here) if you want to try an alternate host...

That js file its strange.... If you request it, server responde you with an html that load an aes encrypted code, set a cookie and load real js file... I suggest you of dont trust if you dont know the source

Kirk Schafer Yes you have right its an antibot protection

And i have readed that its not possible disable this protection on free but only with premium subscription