I can produce this error. The traffic manager works at the DNS level, It uses DNS responses to direct clients to the appropriate service endpoint. Therefore, any HTTP error you see must be coming from your application. Just like the document states
The HTTP host header sent from the client's browser is the most common
source of problems. Make sure that the application is configured to
accept the correct host header for the domain name you are using.
Per my understanding, we are using *.trafficmanager.net
to access the static websites in blob storage, which is by default only accepting the primary endpoint host like xxx.z13.web.core.windows.net
if there is no custom domain configuration. So we need to add such host *.trafficmanager.net
in the blob storage.
Moreover, for endpoints using the Azure App Service, Azure automatically add a hostname *.trafficmanager.net
in the custom domains of Azure App Service after you add app service endpoint. You could see Configuring a custom domain name for a web app in Azure App Service using Traffic Manager.
Also, please note that the traffic manager cannot provide any certificate validation referring to this.
Hope this makes sense.