Verizon Wireless is injecting a UID into all HTTP requests made on the VZW network, regardless of whether or not you've opted out of their Customer Proprietary Network Information (CNPI) options.

It's injected at the network level- So it tracks across browsers and ignores 'private browsing', do-not-track headers, overriding the UIDH in the client/curl, everything. My confirmation showing the headers only appearing in unprotected HTTP requests (disappearing when VPNed):

https://twitter.com/rammic/status/525360201361530880

If you're on the VZW cell network and not using wifi, you can check your own ID here (via @j4cob):

http://uidh.crud.net/