diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
index 90015542..b976f514 100644
--- a/app/controllers/registrations_controller.rb
+++ b/app/controllers/registrations_controller.rb
@@ -6,6 +6,8 @@
 class RegistrationsController < Devise::RegistrationsController
   class SpambotError < StandardError; end
 
+  PRIVATE_HEADERS = /(cookie|secret|token)/i
+
   prepend_before_action :anti_spambot_traps, only: %i[create]
   prepend_after_action :lock_spambots, only: %i[create]
 
@@ -34,7 +36,7 @@ class RegistrationsController < Devise::RegistrationsController
   def anti_spambot_traps
     raise SpambotError if spambot?
   rescue SpambotError => e
-    ExceptionNotifier.notify_exception(e, data: { params: anonymized_params, headers: request.headers.to_h })
+    ExceptionNotifier.notify_exception(e, data: { params: anonymized_params, headers: anonymized_headers })
     nil
   end
 
@@ -49,6 +51,18 @@ class RegistrationsController < Devise::RegistrationsController
     end
   end
 
+  # Devuelve los encabezados de la petición sin información sensible de
+  # Rails
+  #
+  # @return [Hash]
+  def anonymized_headers
+    request.headers.to_h.select do |_, v|
+      v.is_a? String
+    end.reject do |k, _|
+      k =~ PRIVATE_HEADERS
+    end
+  end
+
   # Si le usuarie es considerade spambot, no enviamos el correo de
   # confirmación al crear la cuenta.
   def sign_up_params