Poloniex C# Trading API webRequest comes back (403) Forbidden

I have my code down to the essentials for testing access, but am receiving the good old error(403) from the server, I have verified for double-sure I am using the correct API Key/Secret pair. My Code (C# via Unity 3D) is as follows:

using System.Collections;
using System.Collections.Generic;
using UnityEngine;
using System;
using System.Security.Cryptography;
using System.IO;
using System.Text;
using System.Net;

public class PolonScript : MonoBehaviour
{    
    public TextMesh OutputText;    

    const string _apiKey = "---apiKey---";
    const string _apiSecret = "---apiSecret---";

    void Start()
    {   
        string nonce = DateTime.Now.ToString ("HHmmss");      

        const string WEBSERVICE_URL = "https://poloniex.com/tradingApi";
        try 
        {
            var webRequest = System.Net.WebRequest.Create (WEBSERVICE_URL);
            if (webRequest != null) 
            {
                webRequest.Method = "POST";
                //webRequest.Timeout = 12000;
                webRequest.ContentType = "application/x-www-form-urlencoded";    

                byte[] dataStream = 
                    Encoding.UTF8.GetBytes("command=returnBalances&nonce=" + nonce);    

                webRequest.Headers.Add("Key", _apiKey);
                webRequest.Headers.Add("Sign", genHMAC (dataStream));   

                Stream newStream = webRequest.GetRequestStream();
                newStream.Write(dataStream, 0, dataStream.Length);
                newStream.Close();    

                using (System.IO.Stream s = 
                        webRequest.GetResponse().GetResponseStream()) 
                {
                    using (System.IO.StreamReader sr = new System.IO.StreamReader(s)) 
                    {
                        var jsonResponse = sr.ReadToEnd();
                        OutputText.text = jsonResponse.ToString();
                    }
                }
            }
        } 
        catch (WebException ex) 
        {
            OutputText.text = ex.ToString();
        }           
    }
    //end-of-start()

    private string genHMAC(byte[] dataStreamInput)
    {    
        byte [] APISecret_Bytes = 
               System.Text.Encoding.UTF8.GetBytes(_apiSecret);
        HMACSHA512 hmac = new HMACSHA512(APISecret_Bytes);    

        var signBytes = hmac.ComputeHash(dataStreamInput);    

        string HexDecString = string.Empty;
        for (int i = 0; i < signBytes.Length; i++)
        {
            HexDecString += signBytes[i].ToString("X2");
        }

        return HexDecString;    
    }
}

So why am I receiving the (403) Forbidden using accurate credentials?

I tried this to see the reason:

catch (WebException ex) 
{           
    OutputText.text = ex.Response.Headers.ToString ();
}

and receive the following

//Date: Sat, 14 Apr 2018 15:34:56 GMT
//Content-Type: application/json
//Transfer-Encoding: chunked
//Connection: keep-alive
//Set-Cookie: __cfduid=dd1b32592915674669120afbf8181141b1523720096; expires=Sun, 14-Apr-19 15:34:56 GMT; path=/; domain=.poloniex.com; HttpOnly
//Cache-Control: private
//Expect-CT: max-age=604800, report-uri="https://report-//uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
//Server: cloudflare
//CF-RAY: 40b73d4b8c98552e-ORD