Also browser exploitable issue for Web application details:
Application: DESTOON B2B - www.destoon.com
http://www.securityfocus.com/bid/45796/exploit
As the WAF/2.0 issue info spread via excessive header info proliferation.
a WAF does not protect against SQLi attacks - databases are still exposed.
Site should be flagged because of blacklisted external link: htxp://js.users.51.la/17215221.js
Blacklisted domains, hosts: app.adanzhuo dot com → https://www.virustotal.com/nl/url/9f0a12365f9b68edbcae04faa568a8e979dfa39ec0bcbe05a039d2cf86a69028/analysis/
www.xstyjc dot com (malicious software host - http://www.google.mn/safebrowsing/diagnostic?site=xstyjc.com/ )
js.users.51 dot la (already mentioned)
polonus