diff --git a/src/Api/Controllers/MiscController.cs b/src/Api/Controllers/MiscController.cs
index 64592b8397..9d17a16378 100644
--- a/src/Api/Controllers/MiscController.cs
+++ b/src/Api/Controllers/MiscController.cs
@@ -6,6 +6,8 @@ using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Authorization;
 using Bit.Core;
 using Stripe;
+using System.Linq;
+using System.Collections.Generic;
 namespace Bit.Api.Controllers
 {
@@ -38,10 +40,14 @@ namespace Bit.Api.Controllers
 [HttpGet("~/ip")]
 public JsonResult Ip()
 {
+ var headerSet = new HashSet { "x-forwarded-for", "cf-connecting-ip", "client-ip" };
+ var headers = HttpContext.Request?.Headers
+ .Where(h => headerSet.Contains(h.Key.ToLower()))
+ .ToDictionary(h => h.Key);
 return new JsonResult(new
 {
 Ip = HttpContext.Connection?.RemoteIpAddress?.ToString(),
- Headers = HttpContext.Request?.Headers,
+ Headers = headers,
 });
 }
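Review bot: The allow-list match in `Ip()` lower-cases each header name with the culture-sensitive `ToLower()`, so if the server thread ever runs under a culture such as tr-TR, `Client-IP` and `CF-Connecting-IP` would not match and would be dropped from the output without any error. An ordinal comparison avoids that: build the set with `StringComparer.OrdinalIgnoreCase` and call `headerSet.Contains(h.Key)`. Separately, `ToDictionary(h => h.Key)` stores the whole key/value pair as each dictionary value, so the serialized shape of `Headers` probably differs from what the endpoint returned before; `.ToDictionary(h => h.Key, h => h.Value)` keeps the name-to-value mapping. A one-line comment above `headerSet` would also help, e.g. `// Forwarding headers only; values are client-supplied unless the fronting proxy overwrites them.`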