Thank you for your answer.
Security Profiles (AV, WF, AC, IPS, WAF) are all applied to the firewall policy for this issue.
We tested it by removing one profile at a time, and removing AV profile resolved the problem.
I think AV profile is the reason for the problem. However, the setting is a monitor, not a block, and it is questionable that there was a problem at this time.