pfSense + haProxy 1 ip, 2 servers

I have gotten things to work using mode tcp rather than http. However, sometimes one site gets a security error when it gets the incorrect cert. Why does one site get the incorrect cert? is haproxy sending a request to the other server first? how is this possible?

Automaticaly generated, dont edit manually.
Generated on: 2020-07-25 00:06
global
 maxconn			1000
 stats socket /tmp/haproxy.socket level admin  expose-fd listeners
 uid			80
 gid			80
 nbproc			1
 nbthread			1
 hard-stop-after		15m
 chroot				/tmp/haproxy_chroot
 daemon
 tune.ssl.default-dh-param	2048
 server-state-file /tmp/haproxy_server_state
 ssl-server-verify none

listen HAProxyLocalStats
 bind 127.0.0.1:2200 name localstats
 mode http
 stats enable
 stats refresh 10
 stats admin if TRUE
 stats show-legends
 stats uri /haproxy/haproxy_stats.php?haproxystats=1
 timeout client 5000
 timeout connect 5000
 timeout server 5000

frontend mainTLS
 bind			xx.xx.xx.xx:443 name xx.xx.xx.xx:443   
 mode			tcp
 log			global
 timeout client		30000
 default_backend DebianServer_ipvANY

frontend http-to-https
 bind			xx.xx.xx.xx:80 name xx.xx.xx.xx:80   
 mode			http
 log			global
 option			http-keep-alive
 timeout client		30000
 http-request redirect scheme https 

backend DebianServer_ipvANY
 mode			tcp
 id			100
 log			global
 timeout connect		30000
 timeout server		30000
 retries			3
 server			DebianServer 192.168.1.249:443 id 101 check inter 1000  
 server			CorCloud 192.168.1.246:443 id 103 check inter 1000