The top sponsored ad on the Microsoft search engine for the biggest company in the nation (Walmart) should not be sending people to a phishing server.
The user got an annoying pop up which locked up the browser (had to be killed with task manager). I notice that Bing is set as the default search engine in the user’s browser (Firefox). The user had been searching for “Walmart” and clicked on the first result (a sponsored Microsoft ad) which sent the user to the non-secure (http) walmart.com. Apparently that machine or the DNS pointing to that machine is redirecting folks to pcxxrry0555.xyz (a domain registered with GoDaddy and seemingly sitting on a Highwinds server in Arizona somewhere).