The issue is that GDPR doesn't impose any "demand to deny access to a resource or to a set of resources" in these cases (unless the page in question would be unlawfully distributing personally identifiable information in which case 451 would be appropriate). Instead the problem is that GDPR prevents the site owner and its affiliates from collecting and using the users data in illegal ways - it would be fine to return the resources as requested if the server(s) refrained from collecting and processing your data illegally.

It's a bit like claiming "it's against the law for me to give you my phone number" with the reasoning "if you call me up I'll try to sell you drugs which is illegal"...