It seems your website is using Cloudflare, which used to bypass the browser validation system (under the assumption that Cloudflare provides adequate protection). But something appears to have changed and now Cloudflare is no longer exempt.
I’m not sure exactly what changed or why, but I can tell you that I cannot guarantee that the previous situation where you could receive webhooks while using Cloudflare will be restored.