Why transfer data in HTTP headers :
1) Usually, predictable technical information is conveyed in HTTP headers, so not all programs for logging and traffic analysis have the function of saving the contents of HTTP headers. For example, Apache usually (it depends on the setting of the log format) stores such HTTP header fields as Referer and User-Agent . If you want, you can configure Apache to save the data submitted by the POST method, but this is usually not done, since the logs begin to take up too much space.
2) As for storing other HTTP header fields, this is in principle possible, but this requires enabling and configuring the mod_log_forensic module , this also happens infrequently, plus storing a large amount of practically unnecessary data.
3) Therefore, there are certain reasons to use HTTP headers for data transfer, since GET requests are saved almost always, POST requests are rarely saved, and HTTP headers are almost never saved.
4) Among the popular applications that use the HTTP header field to transfer data, you can at first recall PhpSploit - "a hidden framework for subsequent exploitation", in short, a Trojan, a PHP backdoor for web servers.