Baidu's javascript cdn is being Hack by national firewall, inject these JS attack script. If other webseit include some javascript library from Baidu's javascript CDN will automatically run JS script that will DDOS attack Github. The attack JS script is here:
Github notice that, it replace that DDOS http request respond with a alert("WARNING: malicious javascript detected on this domain").
That is why some Chinese guy gets a weird pop-up with English text when visiting Chinese websites.
https://gist.github.com/zhufenggood/7bb040b1effb71d14bcc
Here is deobfuscate version using http://jsbeautifier.org/
https://gist.github.com/zhufenggood/6a38c2a2b2185977b3cb
Github notice that, it replace that DDOS http request respond with a alert("WARNING: malicious javascript detected on this domain"). That is why some Chinese guy gets a weird pop-up with English text when visiting Chinese websites.