The response like you have received with an error is an indication of so called “bot protection” installed on your host. Usually that would be something like testcookie-nginx-module. Unfortunately, when Let’s Encrypt “verification agents” are trying to fetch the files, they are also seen as bots and they can’t retrieve the files.
In theory, some sort of whitelisting might help (as for example in the module mentioned), but you might have no access to that configuration, plus you would need to reliably specify the IP ranges Let’s Encrypt is using. In practice, probably the best way to avoid the issue is to use the DNS verification instead.