During a Penetration test, it's possible that your Virtual IP is being revealed. This is because a Port 80 GET / Request containing no Host Header is initiated. This connection hits your Port 80 Redirect Virtual Service. The only value the LoadMaster can return in the Location header is the Virtual IP.
Reconfigure your Port 80 Redirect Virtual Service from https://%h%s to https://domain.com%s. "%s" retains the path/directories.
Navigate to your Port 80 Redirect VS > Advanced Properties > Not available Redirection Handling > Error Code: 302 Found, Redirect URL = https://domain.com%s.