Include project key in headers for easier debugging of bad payloads

[fuziontech]

We've had an uptick in bad payloads being sent to the events api.

It'd be nice to add or move some of the more critical fields to the headers so that when we cannot uncompress or deserialize the body payload we are still able to trace where these payload are coming from and if they are valid at all or should be completely thrown away.

This would enable us in two primary ways:

• In sentry we could see aggregates by the field (the body is omitted currently because of deserialization errors)
• We could turn away these events at the LB by creating a rule to drop events coming from certain api keys

The issue here is that because users don't upgrade their client libraries it would take a while before we could actually enforce this, but it is worth getting the ball rolling because it would add some signal in the short term that we could action on.