You mention that your Origin Request policy is not configured to forward cookies, but what about your Cache policy? If cookies are included in the cache policy, they will automatically be forwarded to the origin. Please refer to https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html for details on Cache policy.
I think the problem here was related to another question that you asked - the DNS records for your domain did not point to CloudFront, so requests were being made directly to the ALB. This is evident in the response headers above - if the request had been handled by CloudFront then the Server response header would have a value of 'CloudFront' and you'd also have CloudFront specific headers like x-amz-cf-id, x-amz-cf-pop and x-cache. It looks like your DNS is now correctly configured so I expect you are no longer experiencing this issue.
S3 bucket policy to allow CloudFront loggingAccepted Answerasked 4 months ago
CloudFront breaks session sickinessasked 10 months ago
Strange Behavior with CloudFront CORS requests using signed cookies and with credentials, not sending back Access-Control-Allow-Credentials unless I include some extra headerasked 9 months ago
Cloudfront S3 origin response 403 for the Options requestAccepted Answerasked 3 months ago
[Cloudfront] Are there security implications to the ALL_VIEWER origin request policy?Accepted Answerasked a year ago
Cloudfront is forwarding cookies when it was suppose not toasked 3 months ago
authentication for APIGateway using CloudFront cookiesAccepted Answerasked 10 months ago
API Gateway Origin of Cloudfront Behavior giving 403 forbiddenAccepted Answerasked 3 months ago
How is a CloudFront origin deemed unavailable?asked 9 months ago
Avoid resetting Cloudfront cache policy on Amplify deploymentasked 6 months ago