Just a note folks, geekstogo.com has been compromised again, and is currently serving malicious code, via;
I've tried calling geekstogo.com but they rejected my call because my number is ex directory, and the host (SoftLayer) wasn't any help.
The exploit itself is loaded from a Hanaro hosted IP address (18.104.22.168), with another exploit loaded from;
22.214.171.124 is on a GNAX IP range. I'd suggest blocking both /24's with immediate effect.
A little extra digging has shown another IP involved, 126.96.36.199, which is on a well known criminal friendly IP range - WorldStream, and resolves to unoosearch.com.