diff --git a/Discovery/Web-Content/BurpSuite-ParamMiner/lowercase_headers b/Discovery/Web-Content/BurpSuite-ParamMiner/lowercase_headers
new file mode 100644
index 0000000..8ff7e68
--- /dev/null
+++ b/Discovery/Web-Content/BurpSuite-ParamMiner/lowercase_headers
@@ -0,0 +1,1102 @@
+Accept
+Accept-Application
+Accept-Charset
+Accepted
+Accept-Encoding
+Accept-Encodxng
+Accept-Language
+Accept-Ranges
+Accept-Version
+Access-Control-Allow-Credentials
+Access-Control-Allow-Headers
+Access-Control-Allow-Methods
+Access-Control-Allow-Origin
+Access-Control-Expose-Headers
+Access-Control-Max-Age
+Access-Control-Request-Headers
+Access-Control-Request-Method
+Accesskey
+Access-Token
+Action
+Admin
+Age
+Ajax
+Akamai-Origin-Hop
+Allow
+App
+Appcookie
+App-Env
+App-Key
+Apply-To-Redirect-Ref
+Appname
+Appversion
+Atcept-Language
+Auth
+Auth-Any
+Auth-Basic
+Auth-Digest
+Auth-Digest-Ie
+Authentication
+Auth-Gssneg
+Auth-Key
+Auth-Ntlm
+Authorization
+Auth-Password
+Auth-Realm
+Auth-Type
+Auth-User
+Bad-Gateway
+Bad-Request
+Bae-Env-Addr-Bcms
+Bae-Env-Addr-Bcs
+Bae-Env-Addr-Bus
+Bae-Env-Addr-Channel
+Bae-Env-Addr-Sql-Ip
+Bae-Env-Addr-Sql-Port
+Bae-Env-Ak
+Bae-Env-Appid
+Bae-Env-Sk
+Bae-Logid
+Bar
+Base
+Base-Url
+Basic
+Bearer-Indication
+Body-Maxlength
+Body-Truncated
+Brief
+Browser-User-Agent
+Cache-Control
+Cache-Info
+Case-Files
+Catalog
+Catalog-Server
+Category
+Cert-Cookie
+Cert-Flags
+Cert-Issuer
+Cert-Keysize
+Cert-Secretkeysize
+Cert-Serialnumber
+Cert-Server-Issuer
+Cert-Server-Subject
+Cert-Subject
+Cf-Connecting-Ip
+Cf-Ipcountry
+Cf-Template-Path
+Cf-Visitor
+Ch
+Challenge-Response
+Charset
+Chunk-Size
+Client
+Clientaddress
+Client-Address
+Client-Bad-Request
+Client-Conflict
+Client-Error-Cannot-Access-Local-File
+Client-Error-Cannot-Connect
+Client-Error-Communication-Failure
+Client-Error-Connect
+Client-Error-Invalid-Parameters
+Client-Error-Invalid-Server-Address
+Client-Error-No-Error
+Client-Error-Protocol-Failure
+Client-Error-Unspecified-Error
+Client-Expectation-Failed
+Client-Forbidden
+Client-Gone
+Clientip
+Client-Ip
+Client-Length-Required
+Client-Method-Not-Allowed
+Client-Not-Acceptable
+Client-Not-Found
+Client-Payment-Required
+Client-Precondition-Failed
+Client-Proxy-Auth-Required
+Client-Quirk-Mode
+Client-Requested-Range-Not-Possible
+Client-Request-Timeout
+Client-Request-Too-Large
+Client-Request-Uri-Too-Large
+Client-Unauthorized
+Client-Unsupported-Media-Type
+Cloudfront-Viewer-Country
+Cloudinary-Name
+Cloudinary-Public-Id
+Cloudinaryurl
+Cloudinary-Version
+Code
+Coming-From
+Compress
+Conflict
+Connection
+Connection-Type
+Contact
+Content
+Content-Disposition
+Content-Encoding
+Content-Language
+Content-Length
+Content-Location
+Content-Md5
+Content-Range
+Content-Security-Policy
+Content-Security-Policy-Report-Only
+Content-Type
+Content-Type-Xhtml
+Context-Path
+Continue
+Cookie
+Cookie2
+Cookie-Domain
+Cookie-Httponly
+Cookie-Parse-Raw
+Cookie-Path
+Cookies
+Cookie-Secure
+Cookie-Vars
+Core-Base
+Created
+Credentials-Filepath
+Curl
+Curl-Multithreaded
+Custom-Header
+Custom-Secret-Header
+Dataserviceversion
+Date
+Debug
+Deflate-Level-Def
+Deflate-Level-Max
+Deflate-Level-Min
+Deflate-Strategy-Def
+Deflate-Strategy-Filt
+Deflate-Strategy-Fixed
+Deflate-Strategy-Huff
+Deflate-Strategy-Rle
+Deflate-Type-Gzip
+Deflate-Type-Raw
+Deflate-Type-Zlib
+Delete
+Depth
+Destination
+Destroy
+Devblocksproxybase
+Devblocksproxyhost
+Devblocksproxyssl
+Device-Stock-Ua
+Digest
+Dir
+Dir-Name
+Dir-Resource
+Disable-Gzip
+Dkim-Signature
+Dnt
+Download-Attachment
+Download-Bad-Url
+Download-Bz2
+Download-Cut-Short
+Download-E-Headers-Sent
+Download-E-Invalid-Archive-Type
+Download-E-Invalid-Content-Type
+Download-E-Invalid-File
+Download-E-Invalid-Param
+Download-E-Invalid-Request
+Download-E-Invalid-Resource
+Download-E-No-Ext-Mmagic
+Download-E-No-Ext-Zlib
+Download-Inline
+Download-Mime-Type
+Download-No-Server
+Download-Size
+Download-Status-Not-Found
+Download-Status-Server-Error
+Download-Status-Unauthorized
+Download-Status-Unknown
+Download-Tar
+Download-Tgz
+Download-Url
+Download-Zip
+E-Encoding
+E-Header
+E-Invalid-Param
+E-Malformed-Headers
+E-Message-Type
+Enable-Gzip
+Enable-No-Cache-Headers
+Encoding-Stream-Flush-Full
+Encoding-Stream-Flush-None
+Encoding-Stream-Flush-Sync
+Env-Silla-Environment
+Env-Vars
+E-Querystring
+E-Request
+E-Request-Method
+E-Request-Pool
+E-Response
+Error
+Error-1
+Error-2
+Error-3
+Error-4
+Error-Formatting-Html
+E-Runtime
+E-Socket
+Espo-Authorization
+Espo-Cgi-Auth
+Etag
+E-Url
+Eve-Charid
+Eve-Charname
+Eve-Solarsystemid
+Eve-Solarsystemname
+Eve-Trusted
+Ex-Copy-Movie
+Expect
+Expectation-Failed
+Expires
+Ext
+Failed-Dependency
+Fake-Header
+Fastly-Client-Ip
+Fb-Appid
+Fb-Secret
+Filename
+File-Not-Found
+Files
+Files-Vars
+Fire-Breathing-Dragon
+Foo
+Foo-Bar
+Forbidden
+Force-Language
+Force-Local-Xhprof
+Format
+Forwarded
+Forwarded-For
+Forwarded-For-Ip
+Forwarded-Proto
+From
+Fromlink
+Front-End-Https
+Gateway-Interface
+Gateway-Time-Out
+Get
+Get-Vars
+Givenname
+Global-All
+Global-Cookie
+Global-Get
+Global-Post
+Gone
+Google-Code-Project-Hosting-Hook-Hmac
+Gzip-Level
+H0st
+Head
+Header
+Header-Lf
+Header-Status-Client-Error
+Header-Status-Informational
+Header-Status-Redirect
+Header-Status-Server-Error
+Header-Status-Successful
+Home
+Host
+Hosti
+Host-Liveserver
+Host-Name
+Host-Unavailable
+Htaccess
+Http-Accept
+Http-Accept-Encoding
+Http-Accept-Language
+Http-Authorization
+Http-Connection
+Http-Cookie
+Http-Host
+Http-Phone-Number
+Http-Referer
+Https
+Https-From-Lb
+Https-Keysize
+Https-Secretkeysize
+Https-Server-Issuer
+Https-Server-Subject
+Http-Url
+Http-User-Agent
+If
+If-Match
+If-Modified-Since
+If-Modified-Since-Version
+If-None-Match
+If-Posted-Before
+If-Range
+If-Unmodified-Since
+If-Unmodified-Since-Version
+Image
+Images
+Incap-Client-Ip
+Info
+Info-Download-Size
+Info-Download-Time
+Info-Return-Code
+Info-Total-Request-Stat
+Info-Total-Response-Stat
+Insufficient-Storage
+Internal-Server-Error
+Ipresolve-Any
+Ipresolve-V4
+Ipresolve-V6
+Ischedule-Version
+Iv-Groups
+Iv-User
+Javascript
+Jenkins
+Keep-Alive
+Kiss-Rpc
+Label
+Large-Allocation
+Last-Event-Id
+Last-Modified
+Length-Required
+Link
+Local-Addr
+Local-Content-Sha1
+Local-Dir
+Location
+Locked
+Lock-Token
+Mail
+Max-Conn
+Maxdataserviceversion
+Max-Forwards
+Max-Request-Size
+Max-Uri-Length
+Message
+Message-B
+Meth-
+Meth-Acl
+Meth-Baseline-Control
+Meth-Checkin
+Meth-Checkout
+Meth-Connect
+Meth-Copy
+Meth-Delete
+Meth-Get
+Meth-Head
+Meth-Label
+Meth-Lock
+Meth-Merge
+Meth-Mkactivity
+Meth-Mkcol
+Meth-Mkworkspace
+Meth-Move
+Method
+Method-Not-Allowed
+Meth-Options
+Meth-Post
+Meth-Propfind
+Meth-Proppatch
+Meth-Put
+Meth-Report
+Meth-Trace
+Meth-Uncheckout
+Meth-Unlock
+Meth-Update
+Meth-Version-Control
+Mimetype
+Modauth
+Mode
+Mod-Env
+Mod-Rewrite
+Mod-Security-Message
+Module-Class
+Module-Class-Path
+Module-Name
+Moved-Permanently
+Moved-Temporarily
+Ms-Asprotocolversion
+Msg-None
+Msg-Request
+Msg-Response
+Msisdn
+Multipart-Boundary
+Multiple-Choices
+Multi-Status
+My-Header
+Mysqlport
+Native-Sockets
+Negotiate
+Nl
+No-Content
+Non-Authoritative
+Nonce
+Not-Acceptable
+Not-Exists
+Not-Extended
+Not-Found
+Notification-Template
+Not-Implemented
+Not-Modified
+Oc-Chunked
+Ocs-Apirequest
+Ok
+On-Behalf-Of
+Onerror-Continue
+Onerror-Die
+Onerror-Return
+Opencart
+Options
+Organizer
+Origin
+Originator
+Orig_path_info
+Overwrite
+Params-Allow-Comma
+Params-Allow-Failure
+Params-Default
+Params-Get-Catid
+Params-Get-Currentday
+Params-Get-Disposition
+Params-Get-Downwards
+Params-Get-Givendate
+Params-Get-Lang
+Params-Get-Type
+Params-Raise-Error
+Partial-Content
+Passkey
+Password
+Path
+Path-Base
+Path-Info
+Path-Themes
+Path-Translated
+Payment-Required
+Pc-Remote-Addr
+Phone-Number
+Php
+Php-Auth-Pw
+Php-Auth-User
+Phpthreads
+Pink-Pony
+Port
+Portsensor-Auth
+Post
+Post-Error
+Post-Files
+Postredir-301
+Postredir-302
+Postredir-All
+Post-Vars
+Pragma
+Pragma-No-Cache
+Precondition-Failed
+Prefer
+Processing
+Profile
+Protocol
+Protocols
+Proxy
+Proxy-Agent
+Proxy-Authenticate
+Proxy-Authentication-Required
+Proxy-Authorization
+Proxy-Connection
+Proxy-Host
+Proxy-Http
+Proxy-Http-1-0
+Proxy-Password
+Proxy-Port
+Proxy-Pwd
+Proxy-Request-Fulluri
+Proxy-Socks4
+Proxy-Socks4a
+Proxy-Socks5
+Proxy-Socks5-Hostname
+Proxy-Url
+Proxy-User
+Public-Key-Pins
+Public-Key-Pins-Report-Only
+Pull
+Put
+Querystring
+Query-String
+Querystring-Type-Array
+Querystring-Type-Bool
+Querystring-Type-Float
+Querystring-Type-Int
+Querystring-Type-Object
+Querystring-Type-String
+Range
+Range-Not-Satisfiable
+Raw-Post-Data
+Read-State-Begin
+Read-State-Body
+Read-State-Headers
+Real-Ip
+Real-Method
+Reason
+Reason-Phrase
+Recipient
+Redirect
+Redirected-Accept-Language
+Redirect-Found
+Redirection-Found
+Redirection-Multiple-Choices
+Redirection-Not-Modified
+Redirection-Permanent
+Redirection-See-Other
+Redirection-Temporary
+Redirection-Unused
+Redirection-Use-Proxy
+Redirect-Perm
+Redirect-Post
+Redirect-Problem-Withoutwww
+Redirect-Problem-Withwww
+Redirect-Proxy
+Redirect-Temp
+Ref
+Referer
+Referer 
+Referrer
+Referrer-Policy
+Refferer
+Refresh
+Remix-Hash
+Remote-Addr
+Remote-Host
+Remote-Host-Wp
+Remote-User
+Remote-Userhttps
+Report-To
+Request
+Request2-Tests-Base-Url
+Request2-Tests-Proxy-Host
+Request-Entity-Too-Large
+Request-Error
+Request-Error-File
+Request-Error-Gzip-Crc
+Request-Error-Gzip-Data
+Request-Error-Gzip-Method
+Request-Error-Gzip-Read
+Request-Error-Proxy
+Request-Error-Redirects
+Request-Error-Response
+Request-Error-Url
+Request-Http-Ver-1-0
+Request-Http-Ver-1-1
+Request-Mbstring
+Request-Method
+Request-Method-
+Request-Method-Delete
+Request-Method-Get
+Request-Method-Head
+Request-Method-Options
+Request-Method-Post
+Request-Method-Put
+Request-Method-Trace
+Request-Timeout
+Request-Time-Out
+Requesttoken
+Request-Uri
+Request-Uri-Too-Large
+Request-Vars
+Reset-Content
+Response
+Rest-Key
+Rest-Sign
+Retry-After
+Returned-Error
+Rlnclientipaddr
+Root
+Safe-Ports-List
+Safe-Ports-Ssl-List
+Schedule-Reply
+Scheme
+Script-Name
+Secretkey
+Sec-Websocket-Accept
+Sec-Websocket-Extensions
+Sec-Websocket-Key
+Sec-Websocket-Key1
+Sec-Websocket-Key2
+Sec-Websocket-Origin
+Sec-Websocket-Protocol
+Sec-Websocket-Version
+See-Other
+Self
+Send-X-Frame-Options
+Server
+Server-Bad-Gateway
+Server-Error
+Server-Gateway-Timeout
+Server-Internal
+Server-Name
+Server-Not-Implemented
+Server-Port
+Server-Port-Secure
+Server-Protocol
+Server-Service-Unavailable
+Server-Software
+Server-Unsupported-Version
+Server-Vars
+Server-Varsabantecart
+Service-Unavailable
+Session-Id-Tag
+Session-Vars
+Set-Cookie
+Set-Cookie2
+Shib-
+Shib-Application-Id
+Shib-Identity-Provider
+Shib-Logouturl
+Shopilex
+Slug
+Sn
+Soapaction
+Socket-Connection-Err
+Socketlog
+Somevar
+Sourcemap
+Sp-Client
+Sp-Host
+Ssl
+Ssl-Https
+Ssl-Offloaded
+Sslsessionid
+Ssl-Session-Id
+Ssl-Version-Any
+Start
+Status
+Status-
+Status-403
+Status-403-Admin-Del
+Status-404
+Status-Bad-Request
+Status-Code
+Status-Forbidden
+Status-Ok
+Status-Platform-403
+Strict-Transport-Security
+Str-Match
+Success-Accepted
+Success-Created
+Success-No-Content
+Success-Non-Authoritative
+Success-Ok
+Success-Partial-Content
+Success-Reset-Content
+Support
+Support-Encodings
+Support-Events
+Support-Magicmime
+Support-Requests
+Support-Sslrequests
+Surrogate-Capability
+Switching-Protocols
+Te
+Temporary-Redirect
+Test
+Test-Config
+Test-Server-Path
+Test-Something-Anything
+Ticket
+Timeout
+Time-Out
+Timing-Allow-Origin
+Title
+Tk
+Tmp
+Token
+Trailer
+Transfer-Encoding
+Translate
+Transport-Err
+True-Client-Ip
+Ua
+Ua-Color
+Ua-Cpu
+Ua-Os
+Ua-Pixels
+Ua-Resolution
+Ua-Voice
+Unauthorized
+Unencoded-Url
+Unit-Test-Mode
+Unless-Modified-Since
+Unprocessable-Entity
+Unsupported-Media-Type
+Upgrade
+Upgrade-Insecure-Requests
+Upgrade-Required
+Upload-Default-Chmod
+Uri
+Url
+Url-From-Env
+Url-Join-Path
+Url-Join-Query
+Url-Replace
+Url-Sanitize-Path
+Url-Strip-
+Url-Strip-All
+Url-Strip-Auth
+Url-Strip-Fragment
+Url-Strip-Pass
+Url-Strip-Path
+Url-Strip-Port
+Url-Strip-Query
+Url-Strip-User
+Use-Gzip
+Use-Proxy
+User
+Useragent
+User-Agent
+Useragent-Via
+User-Agent-Via
+User-Email
+User-Id
+User-Mail
+User-Name
+User-Photos
+Util
+Variant-Also-Varies
+Vary
+Verbose
+Verbose-Throttle
+Verify-Cert
+Version
+Version-1-0
+Version-1-1
+Version-Any
+Versioncode
+Version-None
+Version-Not-Supported
+Via
+Viad
+Waf-Stuff-Below
+Wap-Connection
+Warning
+Webodf-Member-Id
+Webodf-Session-Id
+Webodf-Session-Revision
+Web-Server-Api
+Work-Directory
+Www-Address
+Www-Authenticate
+X
+X-
+X-Aastra-Expmod1
+X-Aastra-Expmod2
+X-Aastra-Expmod3
+X-Accel-Mapping
+X-Access-Token
+X-Advertiser-Id
+X-Ajax-Real-Method
+X_alto_ajax_key
+X-Alto-Ajax-Keyz
+X-Amz-Date
+X-Amzn-Remapped-Host
+X-Amz-Website-Redirect-Location
+X-Api-Key
+X-Api-Signature
+X-Api-Timestamp
+X-Apitoken
+X-Apple-Client-Application
+X-Apple-Store-Front
+X-Arr-Log-Id
+X-Arr-Ssl
+X-Att-Deviceid
+X-Authentication
+X-Authentication-Key
+X-Auth-Key
+X-Auth-Mode
+Xauthorization
+X-Authorization
+X-Auth-Password
+X-Auth-Service-Provider
+X-Auth-Token
+X-Auth-User
+X-Auth-Userid
+X-Auth-Username
+X-Avantgo-Screensize
+X-Azc-Remote-Addr
+X-Bear-Ajax-Request
+X-Bluecoat-Via
+X-Bolt-Phone-Ua
+X-Browser-Height
+X-Browser-Width
+X-Cascade
+X-Cept-Encoding
+X-Cf-Url
+X-Chrome-Extension
+X-Cisco-Bbsm-Clientip
+X-Client-Host
+X-Client-Id
+X-Clientip
+X-Client-Ip
+X-Client-Key
+X-Client-Os
+X-Client-Os-Ver
+X-Cluster-Client-Ip
+X-Codeception-Codecoverage
+X-Codeception-Codecoverage-Config
+X-Codeception-Codecoverage-Debug
+X-Codeception-Codecoverage-Suite
+X-Collect-Coverage
+X-Coming-From
+X-Confirm-Delete
+X-Content-Type
+X-Content-Type-Options
+X-Credentials-Request
+X-Csrf-Crumb
+X-Csrftoken
+X-Csrf-Token
+X-Cuid
+X-Custom
+X-Dagd-Proxy
+X-Davical-Testcase
+X-Dcmguid
+X-Debug-Test
+X-Device-User-Agent
+X-Dialog
+X-Dns-Prefetch-Control
+X-Dokuwiki-Do
+X-Do-Not-Track
+X-Drestcg
+X-Dsid
+X-Elgg-Apikey
+X-Elgg-Hmac
+X-Elgg-Hmac-Algo
+X-Elgg-Nonce
+X-Elgg-Posthash
+X-Elgg-Posthash-Algo
+X-Elgg-Time
+X-Em-Uid
+X-Enable-Coverage
+X-Environment-Override
+X-Expected-Entity-Length
+X-Experience-Api-Version
+X-Fb-User-Remote-Addr
+X-File-Id
+X-Filename
+X-File-Name
+X-File-Resume
+X-File-Size
+X-File-Type
+X-Firelogger
+X-Fireloggerauth
+X-Firephp-Version
+X-Flash-Version
+X-Flx-Consumer-Key
+X-Flx-Consumer-Secret
+X-Flx-Redirect-Url
+X-Foo
+X-Foo-Bar
+X-Forwarded
+X-Forwarded-By
+X-Forwarded-For
+X-Forwarded-For-Original
+X-Forwarded-Host
+X-Forwarded-Port
+X-Forwarded-Proto
+X-Forwarded-Protocol
+X-Forwarded-Scheme
+X-Forwarded-Server
+X-Forwarded-Ssl
+X-Forwarded-Ssl 
+X-Forwarder-For
+X-Forward-For
+X-Forward-Proto
+X-From
+X-Gb-Shared-Secret
+X-Geoip-Country
+X-Get-Checksum
+X-Helpscout-Event
+X-Helpscout-Signature
+X-Hgarg-
+X-Host
+X-Http-Destinationurl
+X-Http-Host-Override
+X-Http-Method
+X-Http-Method-Override
+X-Http-Path-Override
+X-Https
+X-Htx-Agent
+X-Huawei-Userid
+X-Hub-Signature
+X-If-Unmodified-Since
+X-Imbo-Test-Config
+X-Insight
+X-Ip
+X-Ip-Trail
+X-Iwproxy-Nesting
+X-Jphone-Color
+X-Jphone-Display
+X-Jphone-Geocode
+X-Jphone-Msname
+X-Jphone-Uid
+X-Json
+X-Kaltura-Remote-Addr
+X-Known-Signature
+X-Known-Username
+X-Litmus
+X-Litmus-Second
+X-Locking
+X-Machine
+X-Mandrill-Signature
+X-Method-Override
+X-Mobile-Gateway
+X-Mobile-Ua
+X-Mosso-Dt
+X-Moz
+X-Msisdn
+X-Ms-Policykey
+X-Myqee-System-Debug
+X-Myqee-System-Hash
+X-Myqee-System-Isadmin
+X-Myqee-System-Isrest
+X-Myqee-System-Pathinfo
+X-Myqee-System-Project
+X-Myqee-System-Rstr
+X-Myqee-System-Time
+X-Network-Info
+X-Nfsn-Https
+X-Ning-Request-Uri
+X-Nokia-Bearer
+X-Nokia-Connection-Mode
+X-Nokia-Gateway-Id
+X-Nokia-Ipaddress
+X-Nokia-Msisdn
+X-Nokia-Wia-Accept-Original
+X-Nokia-Wtls
+X-Nuget-Apikey
+X-Oc-Mtime
+Xonnection
+X-Opera-Info
+X-Operamini-Features
+X-Operamini-Phone
+X-Operamini-Phone-Ua
+X-Options
+X-Orange-Id
+X-Orchestra-Scheme
+X-Orig-Client
+X-Original-Host
+X-Original-Http-Command
+X-Originally-Forwarded-For
+X-Originally-Forwarded-Proto
+X-Original-Remote-Addr
+X-Original-Url
+X-Original-User-Agent
+X-Originating-Ip
+X-Os-Prefs
+X-Overlay
+X-Pagelet-Fragment
+X-Password
+Xpdb-Debugger
+X-Phabricator-Csrf
+X-Phpbb-Using-Plupload
+X-Pjax
+X-Pjax-Container
+X-Prototype-Version
+Xproxy
+X-Proxy-Url
+X-Pswd
+X-Purpose
+X-Qafoo-Profiler
+X-Real-Ip
+X-Remote-Addr
+X-Remote-Protocol
+X-Render-Partial
+X-Request
+X-Requested-With
+X-Request-Id
+X-Request-Signature
+X-Request-Start
+X-Request-Timestamp
+X-Response-Format
+X-Rest-Cors
+X-Rest-Password
+X-Rest-Username
+X-Rewrite-Url
+Xroxy-Connection
+X-Sakura-Forwarded-For
+X-Scalr-Auth-Key
+X-Scalr-Auth-Token
+X-Scalr-Env-Id
+X-Scanner
+X-Scheme
+X-Screen-Height
+X-Screen-Width
+X-Sendfile-Type
+X-Serialize
+X-Serial-Number
+X-Server-Id
+X-Server-Name
+X-Server-Port
+X-Signature
+X-Sina-Proxyuser
+X-Skyfire-Phone
+X-Skyfire-Screen
+X-Ssl
+X-Subdomain
+X-Te
+X-Teamsite-Preremap
+X-Test-Session-Id
+X-Timer
+X-Tine20-Jsonkey
+X-Tine20-Request-Type
+X-Tomboy-Client
+X-Tor
+X-Twilio-Signature
+X-Ua-Device
+X-Ucbrowser-Device-Ua
+X-Uidh
+X-Unique-Id
+X-Uniquewcid
+X-Up-Calling-Line-Id
+X-Update
+X-Update-Range
+X-Up-Devcap-Iscolor
+X-Up-Devcap-Screendepth
+X-Up-Devcap-Screenpixels
+X-Upload-Maxresolution
+X-Upload-Name
+X-Upload-Size
+X-Upload-Type
+X-Up-Subno
+X-Url-Scheme
+X-User
+X-User-Agent
+X-Username
+X-Varnish
+X-Verify-Credentials-Authorization
+X-Vodafone-3gpdpcontext
+X-Wap-Clientid
+X-Wap-Client-Sdu-Size
+X-Wap-Gateway
+X-Wap-Network-Client-Ip
+X-Wap-Network-Client-Msisdn
+X-Wap-Profile
+X-Wap-Proxy-Cookie
+X-Wap-Session-Id
+X-Wap-Tod
+X-Wap-Tod-Coded
+X-Whatever
+X-Wikimedia-Debug
+X-Wp-Nonce
+X-Wp-Pjax-Prefetch
+X-Ws-Api-Key
+X-Xc-Schema-Version
+X-Xhprof-Debug
+X-Xhr-Referer
+X-Xmlhttprequest
+X-Xpid
+Xxx-Real-Ip
+Xxxxxxxxxxxxxxx
+X-Zikula-Ajax-Token
+X-Zotero-Version
+X-Ztgo-Bearerinfo
+Y
+Zotero-Api-Version
+Zotero-Write-Token
diff --git a/Discovery/Web-Content/BurpSuite-ParamMiner/uppercase_headers b/Discovery/Web-Content/BurpSuite-ParamMiner/uppercase_headers
new file mode 100644
index 0000000..22098db
--- /dev/null
+++ b/Discovery/Web-Content/BurpSuite-ParamMiner/uppercase_headers
@@ -0,0 +1,1102 @@
+ACCEPT
+ACCEPT-APPLICATION
+ACCEPT-CHARSET
+ACCEPTED
+ACCEPT-ENCODING
+ACCEPT-ENCODXNG
+ACCEPT-LANGUAGE
+ACCEPT-RANGES
+ACCEPT-VERSION
+ACCESS-CONTROL-ALLOW-CREDENTIALS
+ACCESS-CONTROL-ALLOW-HEADERS
+ACCESS-CONTROL-ALLOW-METHODS
+ACCESS-CONTROL-ALLOW-ORIGIN
+ACCESS-CONTROL-EXPOSE-HEADERS
+ACCESS-CONTROL-MAX-AGE
+ACCESS-CONTROL-REQUEST-HEADERS
+ACCESS-CONTROL-REQUEST-METHOD
+ACCESSKEY
+ACCESS-TOKEN
+ACTION
+ADMIN
+AGE
+AJAX
+AKAMAI-ORIGIN-HOP
+ALLOW
+APP
+APPCOOKIE
+APP-ENV
+APP-KEY
+APPLY-TO-REDIRECT-REF
+APPNAME
+APPVERSION
+ATCEPT-LANGUAGE
+AUTH
+AUTH-ANY
+AUTH-BASIC
+AUTH-DIGEST
+AUTH-DIGEST-IE
+AUTHENTICATION
+AUTH-GSSNEG
+AUTH-KEY
+AUTH-NTLM
+AUTHORIZATION
+AUTH-PASSWORD
+AUTH-REALM
+AUTH-TYPE
+AUTH-USER
+BAD-GATEWAY
+BAD-REQUEST
+BAE-ENV-ADDR-BCMS
+BAE-ENV-ADDR-BCS
+BAE-ENV-ADDR-BUS
+BAE-ENV-ADDR-CHANNEL
+BAE-ENV-ADDR-SQL-IP
+BAE-ENV-ADDR-SQL-PORT
+BAE-ENV-AK
+BAE-ENV-APPID
+BAE-ENV-SK
+BAE-LOGID
+BAR
+BASE
+BASE-URL
+BASIC
+BEARER-INDICATION
+BODY-MAXLENGTH
+BODY-TRUNCATED
+BRIEF
+BROWSER-USER-AGENT
+CACHE-CONTROL
+CACHE-INFO
+CASE-FILES
+CATALOG
+CATALOG-SERVER
+CATEGORY
+CERT-COOKIE
+CERT-FLAGS
+CERT-ISSUER
+CERT-KEYSIZE
+CERT-SECRETKEYSIZE
+CERT-SERIALNUMBER
+CERT-SERVER-ISSUER
+CERT-SERVER-SUBJECT
+CERT-SUBJECT
+CF-CONNECTING-IP
+CF-IPCOUNTRY
+CF-TEMPLATE-PATH
+CF-VISITOR
+CH
+CHALLENGE-RESPONSE
+CHARSET
+CHUNK-SIZE
+CLIENT
+CLIENT-ADDRESS
+CLIENTADDRESS
+CLIENT-BAD-REQUEST
+CLIENT-CONFLICT
+CLIENT-ERROR-CANNOT-ACCESS-LOCAL-FILE
+CLIENT-ERROR-CANNOT-CONNECT
+CLIENT-ERROR-COMMUNICATION-FAILURE
+CLIENT-ERROR-CONNECT
+CLIENT-ERROR-INVALID-PARAMETERS
+CLIENT-ERROR-INVALID-SERVER-ADDRESS
+CLIENT-ERROR-NO-ERROR
+CLIENT-ERROR-PROTOCOL-FAILURE
+CLIENT-ERROR-UNSPECIFIED-ERROR
+CLIENT-EXPECTATION-FAILED
+CLIENT-FORBIDDEN
+CLIENT-GONE
+CLIENT-IP
+CLIENTIP
+CLIENT-LENGTH-REQUIRED
+CLIENT-METHOD-NOT-ALLOWED
+CLIENT-NOT-ACCEPTABLE
+CLIENT-NOT-FOUND
+CLIENT-PAYMENT-REQUIRED
+CLIENT-PRECONDITION-FAILED
+CLIENT-PROXY-AUTH-REQUIRED
+CLIENT-QUIRK-MODE
+CLIENT-REQUESTED-RANGE-NOT-POSSIBLE
+CLIENT-REQUEST-TIMEOUT
+CLIENT-REQUEST-TOO-LARGE
+CLIENT-REQUEST-URI-TOO-LARGE
+CLIENT-UNAUTHORIZED
+CLIENT-UNSUPPORTED-MEDIA-TYPE
+CLOUDFRONT-VIEWER-COUNTRY
+CLOUDINARY-NAME
+CLOUDINARY-PUBLIC-ID
+CLOUDINARYURL
+CLOUDINARY-VERSION
+CODE
+COMING-FROM
+COMPRESS
+CONFLICT
+CONNECTION
+CONNECTION-TYPE
+CONTACT
+CONTENT
+CONTENT-DISPOSITION
+CONTENT-ENCODING
+CONTENT-LANGUAGE
+CONTENT-LENGTH
+CONTENT-LOCATION
+CONTENT-MD5
+CONTENT-RANGE
+CONTENT-SECURITY-POLICY
+CONTENT-SECURITY-POLICY-REPORT-ONLY
+CONTENT-TYPE
+CONTENT-TYPE-XHTML
+CONTEXT-PATH
+CONTINUE
+COOKIE
+COOKIE2
+COOKIE-DOMAIN
+COOKIE-HTTPONLY
+COOKIE-PARSE-RAW
+COOKIE-PATH
+COOKIES
+COOKIE-SECURE
+COOKIE-VARS
+CORE-BASE
+CREATED
+CREDENTIALS-FILEPATH
+CURL
+CURL-MULTITHREADED
+CUSTOM-HEADER
+CUSTOM-SECRET-HEADER
+DATASERVICEVERSION
+DATE
+DEBUG
+DEFLATE-LEVEL-DEF
+DEFLATE-LEVEL-MAX
+DEFLATE-LEVEL-MIN
+DEFLATE-STRATEGY-DEF
+DEFLATE-STRATEGY-FILT
+DEFLATE-STRATEGY-FIXED
+DEFLATE-STRATEGY-HUFF
+DEFLATE-STRATEGY-RLE
+DEFLATE-TYPE-GZIP
+DEFLATE-TYPE-RAW
+DEFLATE-TYPE-ZLIB
+DELETE
+DEPTH
+DESTINATION
+DESTROY
+DEVBLOCKSPROXYBASE
+DEVBLOCKSPROXYHOST
+DEVBLOCKSPROXYSSL
+DEVICE-STOCK-UA
+DIGEST
+DIR
+DIR-NAME
+DIR-RESOURCE
+DISABLE-GZIP
+DKIM-SIGNATURE
+DNT
+DOWNLOAD-ATTACHMENT
+DOWNLOAD-BAD-URL
+DOWNLOAD-BZ2
+DOWNLOAD-CUT-SHORT
+DOWNLOAD-E-HEADERS-SENT
+DOWNLOAD-E-INVALID-ARCHIVE-TYPE
+DOWNLOAD-E-INVALID-CONTENT-TYPE
+DOWNLOAD-E-INVALID-FILE
+DOWNLOAD-E-INVALID-PARAM
+DOWNLOAD-E-INVALID-REQUEST
+DOWNLOAD-E-INVALID-RESOURCE
+DOWNLOAD-E-NO-EXT-MMAGIC
+DOWNLOAD-E-NO-EXT-ZLIB
+DOWNLOAD-INLINE
+DOWNLOAD-MIME-TYPE
+DOWNLOAD-NO-SERVER
+DOWNLOAD-SIZE
+DOWNLOAD-STATUS-NOT-FOUND
+DOWNLOAD-STATUS-SERVER-ERROR
+DOWNLOAD-STATUS-UNAUTHORIZED
+DOWNLOAD-STATUS-UNKNOWN
+DOWNLOAD-TAR
+DOWNLOAD-TGZ
+DOWNLOAD-URL
+DOWNLOAD-ZIP
+E-ENCODING
+E-HEADER
+E-INVALID-PARAM
+E-MALFORMED-HEADERS
+E-MESSAGE-TYPE
+ENABLE-GZIP
+ENABLE-NO-CACHE-HEADERS
+ENCODING-STREAM-FLUSH-FULL
+ENCODING-STREAM-FLUSH-NONE
+ENCODING-STREAM-FLUSH-SYNC
+ENV-SILLA-ENVIRONMENT
+ENV-VARS
+E-QUERYSTRING
+E-REQUEST
+E-REQUEST-METHOD
+E-REQUEST-POOL
+E-RESPONSE
+ERROR
+ERROR-1
+ERROR-2
+ERROR-3
+ERROR-4
+ERROR-FORMATTING-HTML
+E-RUNTIME
+E-SOCKET
+ESPO-AUTHORIZATION
+ESPO-CGI-AUTH
+ETAG
+E-URL
+EVE-CHARID
+EVE-CHARNAME
+EVE-SOLARSYSTEMID
+EVE-SOLARSYSTEMNAME
+EVE-TRUSTED
+EX-COPY-MOVIE
+EXPECT
+EXPECTATION-FAILED
+EXPIRES
+EXT
+FAILED-DEPENDENCY
+FAKE-HEADER
+FASTLY-CLIENT-IP
+FB-APPID
+FB-SECRET
+FILENAME
+FILE-NOT-FOUND
+FILES
+FILES-VARS
+FIRE-BREATHING-DRAGON
+FOO
+FOO-BAR
+FORBIDDEN
+FORCE-LANGUAGE
+FORCE-LOCAL-XHPROF
+FORMAT
+FORWARDED
+FORWARDED-FOR
+FORWARDED-FOR-IP
+FORWARDED-PROTO
+FROM
+FROMLINK
+FRONT-END-HTTPS
+GATEWAY-INTERFACE
+GATEWAY-TIME-OUT
+GET
+GET-VARS
+GIVENNAME
+GLOBAL-ALL
+GLOBAL-COOKIE
+GLOBAL-GET
+GLOBAL-POST
+GONE
+GOOGLE-CODE-PROJECT-HOSTING-HOOK-HMAC
+GZIP-LEVEL
+H0ST
+HEAD
+HEADER
+HEADER-LF
+HEADER-STATUS-CLIENT-ERROR
+HEADER-STATUS-INFORMATIONAL
+HEADER-STATUS-REDIRECT
+HEADER-STATUS-SERVER-ERROR
+HEADER-STATUS-SUCCESSFUL
+HOME
+HOST
+HOSTI
+HOST-LIVESERVER
+HOST-NAME
+HOST-UNAVAILABLE
+HTACCESS
+HTTP-ACCEPT
+HTTP-ACCEPT-ENCODING
+HTTP-ACCEPT-LANGUAGE
+HTTP-AUTHORIZATION
+HTTP-CONNECTION
+HTTP-COOKIE
+HTTP-HOST
+HTTP-PHONE-NUMBER
+HTTP-REFERER
+HTTPS
+HTTPS-FROM-LB
+HTTPS-KEYSIZE
+HTTPS-SECRETKEYSIZE
+HTTPS-SERVER-ISSUER
+HTTPS-SERVER-SUBJECT
+HTTP-URL
+HTTP-USER-AGENT
+IF
+IF-MATCH
+IF-MODIFIED-SINCE
+IF-MODIFIED-SINCE-VERSION
+IF-NONE-MATCH
+IF-POSTED-BEFORE
+IF-RANGE
+IF-UNMODIFIED-SINCE
+IF-UNMODIFIED-SINCE-VERSION
+IMAGE
+IMAGES
+INCAP-CLIENT-IP
+INFO
+INFO-DOWNLOAD-SIZE
+INFO-DOWNLOAD-TIME
+INFO-RETURN-CODE
+INFO-TOTAL-REQUEST-STAT
+INFO-TOTAL-RESPONSE-STAT
+INSUFFICIENT-STORAGE
+INTERNAL-SERVER-ERROR
+IPRESOLVE-ANY
+IPRESOLVE-V4
+IPRESOLVE-V6
+ISCHEDULE-VERSION
+IV-GROUPS
+IV-USER
+JAVASCRIPT
+JENKINS
+KEEP-ALIVE
+KISS-RPC
+LABEL
+LARGE-ALLOCATION
+LAST-EVENT-ID
+LAST-MODIFIED
+LENGTH-REQUIRED
+LINK
+LOCAL-ADDR
+LOCAL-CONTENT-SHA1
+LOCAL-DIR
+LOCATION
+LOCKED
+LOCK-TOKEN
+MAIL
+MAX-CONN
+MAXDATASERVICEVERSION
+MAX-FORWARDS
+MAX-REQUEST-SIZE
+MAX-URI-LENGTH
+MESSAGE
+MESSAGE-B
+METH-
+METH-ACL
+METH-BASELINE-CONTROL
+METH-CHECKIN
+METH-CHECKOUT
+METH-CONNECT
+METH-COPY
+METH-DELETE
+METH-GET
+METH-HEAD
+METH-LABEL
+METH-LOCK
+METH-MERGE
+METH-MKACTIVITY
+METH-MKCOL
+METH-MKWORKSPACE
+METH-MOVE
+METHOD
+METHOD-NOT-ALLOWED
+METH-OPTIONS
+METH-POST
+METH-PROPFIND
+METH-PROPPATCH
+METH-PUT
+METH-REPORT
+METH-TRACE
+METH-UNCHECKOUT
+METH-UNLOCK
+METH-UPDATE
+METH-VERSION-CONTROL
+MIMETYPE
+MODAUTH
+MODE
+MOD-ENV
+MOD-REWRITE
+MOD-SECURITY-MESSAGE
+MODULE-CLASS
+MODULE-CLASS-PATH
+MODULE-NAME
+MOVED-PERMANENTLY
+MOVED-TEMPORARILY
+MS-ASPROTOCOLVERSION
+MSG-NONE
+MSG-REQUEST
+MSG-RESPONSE
+MSISDN
+MULTIPART-BOUNDARY
+MULTIPLE-CHOICES
+MULTI-STATUS
+MY-HEADER
+MYSQLPORT
+NATIVE-SOCKETS
+NEGOTIATE
+NL
+NO-CONTENT
+NON-AUTHORITATIVE
+NONCE
+NOT-ACCEPTABLE
+NOT-EXISTS
+NOT-EXTENDED
+NOT-FOUND
+NOTIFICATION-TEMPLATE
+NOT-IMPLEMENTED
+NOT-MODIFIED
+OC-CHUNKED
+OCS-APIREQUEST
+OK
+ON-BEHALF-OF
+ONERROR-CONTINUE
+ONERROR-DIE
+ONERROR-RETURN
+OPENCART
+OPTIONS
+ORGANIZER
+ORIGIN
+ORIGINATOR
+ORIG_PATH_INFO
+OVERWRITE
+PARAMS-ALLOW-COMMA
+PARAMS-ALLOW-FAILURE
+PARAMS-DEFAULT
+PARAMS-GET-CATID
+PARAMS-GET-CURRENTDAY
+PARAMS-GET-DISPOSITION
+PARAMS-GET-DOWNWARDS
+PARAMS-GET-GIVENDATE
+PARAMS-GET-LANG
+PARAMS-GET-TYPE
+PARAMS-RAISE-ERROR
+PARTIAL-CONTENT
+PASSKEY
+PASSWORD
+PATH
+PATH-BASE
+PATH-INFO
+PATH-THEMES
+PATH-TRANSLATED
+PAYMENT-REQUIRED
+PC-REMOTE-ADDR
+PHONE-NUMBER
+PHP
+PHP-AUTH-PW
+PHP-AUTH-USER
+PHPTHREADS
+PINK-PONY
+PORT
+PORTSENSOR-AUTH
+POST
+POST-ERROR
+POST-FILES
+POSTREDIR-301
+POSTREDIR-302
+POSTREDIR-ALL
+POST-VARS
+PRAGMA
+PRAGMA-NO-CACHE
+PRECONDITION-FAILED
+PREFER
+PROCESSING
+PROFILE
+PROTOCOL
+PROTOCOLS
+PROXY
+PROXY-AGENT
+PROXY-AUTHENTICATE
+PROXY-AUTHENTICATION-REQUIRED
+PROXY-AUTHORIZATION
+PROXY-CONNECTION
+PROXY-HOST
+PROXY-HTTP
+PROXY-HTTP-1-0
+PROXY-PASSWORD
+PROXY-PORT
+PROXY-PWD
+PROXY-REQUEST-FULLURI
+PROXY-SOCKS4
+PROXY-SOCKS4A
+PROXY-SOCKS5
+PROXY-SOCKS5-HOSTNAME
+PROXY-URL
+PROXY-USER
+PUBLIC-KEY-PINS
+PUBLIC-KEY-PINS-REPORT-ONLY
+PULL
+PUT
+QUERY-STRING
+QUERYSTRING
+QUERYSTRING-TYPE-ARRAY
+QUERYSTRING-TYPE-BOOL
+QUERYSTRING-TYPE-FLOAT
+QUERYSTRING-TYPE-INT
+QUERYSTRING-TYPE-OBJECT
+QUERYSTRING-TYPE-STRING
+RANGE
+RANGE-NOT-SATISFIABLE
+RAW-POST-DATA
+READ-STATE-BEGIN
+READ-STATE-BODY
+READ-STATE-HEADERS
+REAL-IP
+REAL-METHOD
+REASON
+REASON-PHRASE
+RECIPIENT
+REDIRECT
+REDIRECTED-ACCEPT-LANGUAGE
+REDIRECT-FOUND
+REDIRECTION-FOUND
+REDIRECTION-MULTIPLE-CHOICES
+REDIRECTION-NOT-MODIFIED
+REDIRECTION-PERMANENT
+REDIRECTION-SEE-OTHER
+REDIRECTION-TEMPORARY
+REDIRECTION-UNUSED
+REDIRECTION-USE-PROXY
+REDIRECT-PERM
+REDIRECT-POST
+REDIRECT-PROBLEM-WITHOUTWWW
+REDIRECT-PROBLEM-WITHWWW
+REDIRECT-PROXY
+REDIRECT-TEMP
+REF
+REFERER
+REFERER 
+REFERRER
+REFERRER-POLICY
+REFFERER
+REFRESH
+REMIX-HASH
+REMOTE-ADDR
+REMOTE-HOST
+REMOTE-HOST-WP
+REMOTE-USER
+REMOTE-USERHTTPS
+REPORT-TO
+REQUEST
+REQUEST2-TESTS-BASE-URL
+REQUEST2-TESTS-PROXY-HOST
+REQUEST-ENTITY-TOO-LARGE
+REQUEST-ERROR
+REQUEST-ERROR-FILE
+REQUEST-ERROR-GZIP-CRC
+REQUEST-ERROR-GZIP-DATA
+REQUEST-ERROR-GZIP-METHOD
+REQUEST-ERROR-GZIP-READ
+REQUEST-ERROR-PROXY
+REQUEST-ERROR-REDIRECTS
+REQUEST-ERROR-RESPONSE
+REQUEST-ERROR-URL
+REQUEST-HTTP-VER-1-0
+REQUEST-HTTP-VER-1-1
+REQUEST-MBSTRING
+REQUEST-METHOD
+REQUEST-METHOD-
+REQUEST-METHOD-DELETE
+REQUEST-METHOD-GET
+REQUEST-METHOD-HEAD
+REQUEST-METHOD-OPTIONS
+REQUEST-METHOD-POST
+REQUEST-METHOD-PUT
+REQUEST-METHOD-TRACE
+REQUEST-TIME-OUT
+REQUEST-TIMEOUT
+REQUESTTOKEN
+REQUEST-URI
+REQUEST-URI-TOO-LARGE
+REQUEST-VARS
+RESET-CONTENT
+RESPONSE
+REST-KEY
+REST-SIGN
+RETRY-AFTER
+RETURNED-ERROR
+RLNCLIENTIPADDR
+ROOT
+SAFE-PORTS-LIST
+SAFE-PORTS-SSL-LIST
+SCHEDULE-REPLY
+SCHEME
+SCRIPT-NAME
+SECRETKEY
+SEC-WEBSOCKET-ACCEPT
+SEC-WEBSOCKET-EXTENSIONS
+SEC-WEBSOCKET-KEY
+SEC-WEBSOCKET-KEY1
+SEC-WEBSOCKET-KEY2
+SEC-WEBSOCKET-ORIGIN
+SEC-WEBSOCKET-PROTOCOL
+SEC-WEBSOCKET-VERSION
+SEE-OTHER
+SELF
+SEND-X-FRAME-OPTIONS
+SERVER
+SERVER-BAD-GATEWAY
+SERVER-ERROR
+SERVER-GATEWAY-TIMEOUT
+SERVER-INTERNAL
+SERVER-NAME
+SERVER-NOT-IMPLEMENTED
+SERVER-PORT
+SERVER-PORT-SECURE
+SERVER-PROTOCOL
+SERVER-SERVICE-UNAVAILABLE
+SERVER-SOFTWARE
+SERVER-UNSUPPORTED-VERSION
+SERVER-VARS
+SERVER-VARSABANTECART
+SERVICE-UNAVAILABLE
+SESSION-ID-TAG
+SESSION-VARS
+SET-COOKIE
+SET-COOKIE2
+SHIB-
+SHIB-APPLICATION-ID
+SHIB-IDENTITY-PROVIDER
+SHIB-LOGOUTURL
+SHOPILEX
+SLUG
+SN
+SOAPACTION
+SOCKET-CONNECTION-ERR
+SOCKETLOG
+SOMEVAR
+SOURCEMAP
+SP-CLIENT
+SP-HOST
+SSL
+SSL-HTTPS
+SSL-OFFLOADED
+SSL-SESSION-ID
+SSLSESSIONID
+SSL-VERSION-ANY
+START
+STATUS
+STATUS-
+STATUS-403
+STATUS-403-ADMIN-DEL
+STATUS-404
+STATUS-BAD-REQUEST
+STATUS-CODE
+STATUS-FORBIDDEN
+STATUS-OK
+STATUS-PLATFORM-403
+STRICT-TRANSPORT-SECURITY
+STR-MATCH
+SUCCESS-ACCEPTED
+SUCCESS-CREATED
+SUCCESS-NO-CONTENT
+SUCCESS-NON-AUTHORITATIVE
+SUCCESS-OK
+SUCCESS-PARTIAL-CONTENT
+SUCCESS-RESET-CONTENT
+SUPPORT
+SUPPORT-ENCODINGS
+SUPPORT-EVENTS
+SUPPORT-MAGICMIME
+SUPPORT-REQUESTS
+SUPPORT-SSLREQUESTS
+SURROGATE-CAPABILITY
+SWITCHING-PROTOCOLS
+TE
+TEMPORARY-REDIRECT
+TEST
+TEST-CONFIG
+TEST-SERVER-PATH
+TEST-SOMETHING-ANYTHING
+TICKET
+TIME-OUT
+TIMEOUT
+TIMING-ALLOW-ORIGIN
+TITLE
+TK
+TMP
+TOKEN
+TRAILER
+TRANSFER-ENCODING
+TRANSLATE
+TRANSPORT-ERR
+TRUE-CLIENT-IP
+UA
+UA-COLOR
+UA-CPU
+UA-OS
+UA-PIXELS
+UA-RESOLUTION
+UA-VOICE
+UNAUTHORIZED
+UNENCODED-URL
+UNIT-TEST-MODE
+UNLESS-MODIFIED-SINCE
+UNPROCESSABLE-ENTITY
+UNSUPPORTED-MEDIA-TYPE
+UPGRADE
+UPGRADE-INSECURE-REQUESTS
+UPGRADE-REQUIRED
+UPLOAD-DEFAULT-CHMOD
+URI
+URL
+URL-FROM-ENV
+URL-JOIN-PATH
+URL-JOIN-QUERY
+URL-REPLACE
+URL-SANITIZE-PATH
+URL-STRIP-
+URL-STRIP-ALL
+URL-STRIP-AUTH
+URL-STRIP-FRAGMENT
+URL-STRIP-PASS
+URL-STRIP-PATH
+URL-STRIP-PORT
+URL-STRIP-QUERY
+URL-STRIP-USER
+USE-GZIP
+USE-PROXY
+USER
+USER-AGENT
+USERAGENT
+USER-AGENT-VIA
+USERAGENT-VIA
+USER-EMAIL
+USER-ID
+USER-MAIL
+USER-NAME
+USER-PHOTOS
+UTIL
+VARIANT-ALSO-VARIES
+VARY
+VERBOSE
+VERBOSE-THROTTLE
+VERIFY-CERT
+VERSION
+VERSION-1-0
+VERSION-1-1
+VERSION-ANY
+VERSIONCODE
+VERSION-NONE
+VERSION-NOT-SUPPORTED
+VIA
+VIAD
+WAF-STUFF-BELOW
+WAP-CONNECTION
+WARNING
+WEBODF-MEMBER-ID
+WEBODF-SESSION-ID
+WEBODF-SESSION-REVISION
+WEB-SERVER-API
+WORK-DIRECTORY
+WWW-ADDRESS
+WWW-AUTHENTICATE
+X
+X-
+X-AASTRA-EXPMOD1
+X-AASTRA-EXPMOD2
+X-AASTRA-EXPMOD3
+X-ACCEL-MAPPING
+X-ACCESS-TOKEN
+X-ADVERTISER-ID
+X-AJAX-REAL-METHOD
+X_ALTO_AJAX_KEY
+X-ALTO-AJAX-KEYZ
+X-AMZ-DATE
+X-AMZN-REMAPPED-HOST
+X-AMZ-WEBSITE-REDIRECT-LOCATION
+X-API-KEY
+X-API-SIGNATURE
+X-API-TIMESTAMP
+X-APITOKEN
+X-APPLE-CLIENT-APPLICATION
+X-APPLE-STORE-FRONT
+X-ARR-LOG-ID
+X-ARR-SSL
+X-ATT-DEVICEID
+X-AUTHENTICATION
+X-AUTHENTICATION-KEY
+X-AUTH-KEY
+X-AUTH-MODE
+X-AUTHORIZATION
+XAUTHORIZATION
+X-AUTH-PASSWORD
+X-AUTH-SERVICE-PROVIDER
+X-AUTH-TOKEN
+X-AUTH-USER
+X-AUTH-USERID
+X-AUTH-USERNAME
+X-AVANTGO-SCREENSIZE
+X-AZC-REMOTE-ADDR
+X-BEAR-AJAX-REQUEST
+X-BLUECOAT-VIA
+X-BOLT-PHONE-UA
+X-BROWSER-HEIGHT
+X-BROWSER-WIDTH
+X-CASCADE
+X-CEPT-ENCODING
+X-CF-URL
+X-CHROME-EXTENSION
+X-CISCO-BBSM-CLIENTIP
+X-CLIENT-HOST
+X-CLIENT-ID
+X-CLIENT-IP
+X-CLIENTIP
+X-CLIENT-KEY
+X-CLIENT-OS
+X-CLIENT-OS-VER
+X-CLUSTER-CLIENT-IP
+X-CODECEPTION-CODECOVERAGE
+X-CODECEPTION-CODECOVERAGE-CONFIG
+X-CODECEPTION-CODECOVERAGE-DEBUG
+X-CODECEPTION-CODECOVERAGE-SUITE
+X-COLLECT-COVERAGE
+X-COMING-FROM
+X-CONFIRM-DELETE
+X-CONTENT-TYPE
+X-CONTENT-TYPE-OPTIONS
+X-CREDENTIALS-REQUEST
+X-CSRF-CRUMB
+X-CSRF-TOKEN
+X-CSRFTOKEN
+X-CUID
+X-CUSTOM
+X-DAGD-PROXY
+X-DAVICAL-TESTCASE
+X-DCMGUID
+X-DEBUG-TEST
+X-DEVICE-USER-AGENT
+X-DIALOG
+X-DNS-PREFETCH-CONTROL
+X-DOKUWIKI-DO
+X-DO-NOT-TRACK
+X-DRESTCG
+X-DSID
+X-ELGG-APIKEY
+X-ELGG-HMAC
+X-ELGG-HMAC-ALGO
+X-ELGG-NONCE
+X-ELGG-POSTHASH
+X-ELGG-POSTHASH-ALGO
+X-ELGG-TIME
+X-EM-UID
+X-ENABLE-COVERAGE
+X-ENVIRONMENT-OVERRIDE
+X-EXPECTED-ENTITY-LENGTH
+X-EXPERIENCE-API-VERSION
+X-FB-USER-REMOTE-ADDR
+X-FILE-ID
+X-FILE-NAME
+X-FILENAME
+X-FILE-RESUME
+X-FILE-SIZE
+X-FILE-TYPE
+X-FIRELOGGER
+X-FIRELOGGERAUTH
+X-FIREPHP-VERSION
+X-FLASH-VERSION
+X-FLX-CONSUMER-KEY
+X-FLX-CONSUMER-SECRET
+X-FLX-REDIRECT-URL
+X-FOO
+X-FOO-BAR
+X-FORWARDED
+X-FORWARDED-BY
+X-FORWARDED-FOR
+X-FORWARDED-FOR-ORIGINAL
+X-FORWARDED-HOST
+X-FORWARDED-PORT
+X-FORWARDED-PROTO
+X-FORWARDED-PROTOCOL
+X-FORWARDED-SCHEME
+X-FORWARDED-SERVER
+X-FORWARDED-SSL
+X-FORWARDED-SSL 
+X-FORWARDER-FOR
+X-FORWARD-FOR
+X-FORWARD-PROTO
+X-FROM
+X-GB-SHARED-SECRET
+X-GEOIP-COUNTRY
+X-GET-CHECKSUM
+X-HELPSCOUT-EVENT
+X-HELPSCOUT-SIGNATURE
+X-HGARG-
+X-HOST
+X-HTTP-DESTINATIONURL
+X-HTTP-HOST-OVERRIDE
+X-HTTP-METHOD
+X-HTTP-METHOD-OVERRIDE
+X-HTTP-PATH-OVERRIDE
+X-HTTPS
+X-HTX-AGENT
+X-HUAWEI-USERID
+X-HUB-SIGNATURE
+X-IF-UNMODIFIED-SINCE
+X-IMBO-TEST-CONFIG
+X-INSIGHT
+X-IP
+X-IP-TRAIL
+X-IWPROXY-NESTING
+X-JPHONE-COLOR
+X-JPHONE-DISPLAY
+X-JPHONE-GEOCODE
+X-JPHONE-MSNAME
+X-JPHONE-UID
+X-JSON
+X-KALTURA-REMOTE-ADDR
+X-KNOWN-SIGNATURE
+X-KNOWN-USERNAME
+X-LITMUS
+X-LITMUS-SECOND
+X-LOCKING
+X-MACHINE
+X-MANDRILL-SIGNATURE
+X-METHOD-OVERRIDE
+X-MOBILE-GATEWAY
+X-MOBILE-UA
+X-MOSSO-DT
+X-MOZ
+X-MSISDN
+X-MS-POLICYKEY
+X-MYQEE-SYSTEM-DEBUG
+X-MYQEE-SYSTEM-HASH
+X-MYQEE-SYSTEM-ISADMIN
+X-MYQEE-SYSTEM-ISREST
+X-MYQEE-SYSTEM-PATHINFO
+X-MYQEE-SYSTEM-PROJECT
+X-MYQEE-SYSTEM-RSTR
+X-MYQEE-SYSTEM-TIME
+X-NETWORK-INFO
+X-NFSN-HTTPS
+X-NING-REQUEST-URI
+X-NOKIA-BEARER
+X-NOKIA-CONNECTION-MODE
+X-NOKIA-GATEWAY-ID
+X-NOKIA-IPADDRESS
+X-NOKIA-MSISDN
+X-NOKIA-WIA-ACCEPT-ORIGINAL
+X-NOKIA-WTLS
+X-NUGET-APIKEY
+X-OC-MTIME
+XONNECTION
+X-OPERA-INFO
+X-OPERAMINI-FEATURES
+X-OPERAMINI-PHONE
+X-OPERAMINI-PHONE-UA
+X-OPTIONS
+X-ORANGE-ID
+X-ORCHESTRA-SCHEME
+X-ORIG-CLIENT
+X-ORIGINAL-HOST
+X-ORIGINAL-HTTP-COMMAND
+X-ORIGINALLY-FORWARDED-FOR
+X-ORIGINALLY-FORWARDED-PROTO
+X-ORIGINAL-REMOTE-ADDR
+X-ORIGINAL-URL
+X-ORIGINAL-USER-AGENT
+X-ORIGINATING-IP
+X-OS-PREFS
+X-OVERLAY
+X-PAGELET-FRAGMENT
+X-PASSWORD
+XPDB-DEBUGGER
+X-PHABRICATOR-CSRF
+X-PHPBB-USING-PLUPLOAD
+X-PJAX
+X-PJAX-CONTAINER
+X-PROTOTYPE-VERSION
+XPROXY
+X-PROXY-URL
+X-PSWD
+X-PURPOSE
+X-QAFOO-PROFILER
+X-REAL-IP
+X-REMOTE-ADDR
+X-REMOTE-PROTOCOL
+X-RENDER-PARTIAL
+X-REQUEST
+X-REQUESTED-WITH
+X-REQUEST-ID
+X-REQUEST-SIGNATURE
+X-REQUEST-START
+X-REQUEST-TIMESTAMP
+X-RESPONSE-FORMAT
+X-REST-CORS
+X-REST-PASSWORD
+X-REST-USERNAME
+X-REWRITE-URL
+XROXY-CONNECTION
+X-SAKURA-FORWARDED-FOR
+X-SCALR-AUTH-KEY
+X-SCALR-AUTH-TOKEN
+X-SCALR-ENV-ID
+X-SCANNER
+X-SCHEME
+X-SCREEN-HEIGHT
+X-SCREEN-WIDTH
+X-SENDFILE-TYPE
+X-SERIALIZE
+X-SERIAL-NUMBER
+X-SERVER-ID
+X-SERVER-NAME
+X-SERVER-PORT
+X-SIGNATURE
+X-SINA-PROXYUSER
+X-SKYFIRE-PHONE
+X-SKYFIRE-SCREEN
+X-SSL
+X-SUBDOMAIN
+X-TE
+X-TEAMSITE-PREREMAP
+X-TEST-SESSION-ID
+X-TIMER
+X-TINE20-JSONKEY
+X-TINE20-REQUEST-TYPE
+X-TOMBOY-CLIENT
+X-TOR
+X-TWILIO-SIGNATURE
+X-UA-DEVICE
+X-UCBROWSER-DEVICE-UA
+X-UIDH
+X-UNIQUE-ID
+X-UNIQUEWCID
+X-UP-CALLING-LINE-ID
+X-UPDATE
+X-UPDATE-RANGE
+X-UP-DEVCAP-ISCOLOR
+X-UP-DEVCAP-SCREENDEPTH
+X-UP-DEVCAP-SCREENPIXELS
+X-UPLOAD-MAXRESOLUTION
+X-UPLOAD-NAME
+X-UPLOAD-SIZE
+X-UPLOAD-TYPE
+X-UP-SUBNO
+X-URL-SCHEME
+X-USER
+X-USER-AGENT
+X-USERNAME
+X-VARNISH
+X-VERIFY-CREDENTIALS-AUTHORIZATION
+X-VODAFONE-3GPDPCONTEXT
+X-WAP-CLIENTID
+X-WAP-CLIENT-SDU-SIZE
+X-WAP-GATEWAY
+X-WAP-NETWORK-CLIENT-IP
+X-WAP-NETWORK-CLIENT-MSISDN
+X-WAP-PROFILE
+X-WAP-PROXY-COOKIE
+X-WAP-SESSION-ID
+X-WAP-TOD
+X-WAP-TOD-CODED
+X-WHATEVER
+X-WIKIMEDIA-DEBUG
+X-WP-NONCE
+X-WP-PJAX-PREFETCH
+X-WS-API-KEY
+X-XC-SCHEMA-VERSION
+X-XHPROF-DEBUG
+X-XHR-REFERER
+X-XMLHTTPREQUEST
+X-XPID
+XXX-REAL-IP
+XXXXXXXXXXXXXXX
+X-ZIKULA-AJAX-TOKEN
+X-ZOTERO-VERSION
+X-ZTGO-BEARERINFO
+Y
+ZOTERO-API-VERSION
+ZOTERO-WRITE-TOKEN