These are the headers that are used by attackers to exploit Log4J critical zero day vulnerability in Java applications. Since this includes almost all the headers we know off this might be difficult for admins to block the requests with the headers that wont be requested normally!
Authorization Cache-Control Cf-Connecting_ip Client-Ip Contact Cookie Forwarded-For-Ip Forwarded-For Forwarded If-Modified-Since Originating-Ip Referer True-Client-Ip User-Agent X-Api-Version X-Client-Ip X-Forwarded-For X-Leakix X-Originating-Ip X-Real-Ip X-Remote-Addr X-Remote-Ip X-Wap-Profile Authorization: Basic Authorization: Bearer Authorization: Oauth Authorization: Token