It's protected by anti-DDoS and homebrew doesn't follow HTTP redirects.
USBLoaderGX has "302 REDIRECT" support, but maybe the redirect is not done from the HTTP header but using a script? probably a reload script after setting the access cookie.
what could be done is a workaround and check if it's trying to load geckocodes website, then serves a specific cookie, or if dynamically generated store it and force a manual reload of the page using the generated cookie.
cookies are easy to add to homebrew, it should be a fun exercise to do to get back into coding. (when I'll have some free time)
cookie: challenge=BitMitigate
it's not using secure protocol, and the expiration is set to 1 hour.
It's easy to force that cookie name/value when detecting any download from geckocodes. It's not clean, but it should work. A clean method would be to read all cookies from all sites, and store them as session cookies until the loader exits.
Xflak : you probably have the same DDOS problem. I'm not sure the cookie is enough, it's just a supposition until someone tries.