I captured the HTTP as I just browsed around the site a bit. Most of what we receive is pretty standard:
HTTP/1.1 200 OK Date: Sat, 19 Jan 2013 19:37:48 GMT Server: Apache/2.2 X-Powered-By: PHP/5.3.10 Set-Cookie: csrf_cookie=d79d17617ac5f0432075c0a336080fe6; expires=Sat, 19-Jan-2013 21:37:48 GMT; path=/; domain=www.daniweb.com Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5786 Keep-Alive: timeout=10, max=400 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 --followed by the compressed items---
That's just a quick sample. Nothing I saw is screaming "I'm too large" at me. The largest header size was 32,215 when requesting GET /js/FusionCharts/Charts/FusionCharts.js HTTP/1.1.
The real way to look at this would be to try and replicate the failing environment. But we would need to know the version of ISA, patch level, and ideally, a packet capture on that side at client and server level.