If a continuationToken is used incorrectly (perhaps reused across unique requests), Nexus will return a 406 Not Acceptable, instead of 400 Bad Request. It seems like a 406 should only involve bad content negotiation headers; the continuationToken is a query string value:
The problem with the continuationToken is logged in this way:
2021-06-16 15:49:56,053+0000 WARN [qtp435861612-346850] *UNKNOWN org.sonatype.nexus.siesta.internal.WebappExceptionMapper - (ID 989ee72d-69d6-470d-8b9e-b2f9721eb80a) Response:  (no entity/body); mapped from: javax.ws.rs.WebApplicationException: Continuation token <the-cont-token> does not match this query
This also isn't a defined response code in the REST API Swagger doc.