Hi @yiapcdr ,
I suggest you use fiddler to reproduce this issue and monitor how it happen with fiddler. when you redirect HTTPS to HTTP, the HTTP_REFERER will disappear. Forcing HTTPS will not remove it. In some cases, the HTTP_REFERRER header will be blocked by the firewall or the Web browser itself.
If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.