Requests are proxied so the proxy can rewrite the Referer HTTP header at will, AFAIK.

It looks like they're also downloading images directly from your domain, I see https://www.saashub.com/images/app/service_logos/129/k2q4pxz... for example in my debugger.

Edit: you could maybe add a <meta> tag to define a CSP in but I guess they will remove it [1].

[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP