Interesting test (missing some backslashes btw. should be \r\n). If it did detect, I can't see it doing any good for something like that AOL problem though - loads of legitimate users going through the proxy.