Just a note folks, geekstogo.com has been compromised again, and is currently serving malicious code, via;
I've tried calling geekstogo.com but they rejected my call because my number is ex directory, and the host (SoftLayer) wasn't any help.
The exploit itself is loaded from a Hanaro hosted IP address (188.8.131.52), with another exploit loaded from;
184.108.40.206 is on a GNAX IP range. I'd suggest blocking both /24's with immediate effect.
A little extra digging has shown another IP involved, 220.127.116.11, which is on a well known criminal friendly IP range - WorldStream, and resolves to unoosearch.com.