Just a note folks, geekstogo.com has been compromised again, and is currently serving malicious code, via;
I've tried calling geekstogo.com but they rejected my call because my number is ex directory, and the host (SoftLayer) wasn't any help.
The exploit itself is loaded from a Hanaro hosted IP address (184.108.40.206), with another exploit loaded from;
220.127.116.11 is on a GNAX IP range. I'd suggest blocking both /24's with immediate effect.
A little extra digging has shown another IP involved, 18.104.22.168, which is on a well known criminal friendly IP range - WorldStream, and resolves to unoosearch.com.