I saw this today too, as well as in the past. I was redirected from TutorialsPoint, but I've seen it come up when using Outlook.com as well. I believe the attacker snuck a redirect into an advertisement through AdSense, AdChoice, or Valueimpression.
Even if I didn't think it were a scam, it is so aggressive I would have closed it out of anger.
Here's all of the info I could gather...
From browser history:
ca-win.com/win/ca/shaw/index2.php?ip=0.0.0.0&lpkey=15fb66783533005871&uclick=gxa9m73v8n
(edited my IP address out where ip=0.0.0.0)
Remote Address: 167.99.186.30:443
icann.org lookup:
Name: CA-WIN.COM
Registry Domain ID: 2410181333_DOMAIN_COM-VRSN
Domain Status: clientTransferProhibited
Nameservers:
ISLA.NS.CLOUDFLARE.COM
TOM.NS.CLOUDFLARE.COM
Dates
Registry Expiration: 2020-07-07 05:28:12 UTC
Created: 2019-07-07 05:28:12 UTC
Registrar Information:
Name: NameCheap, Inc.
IANA ID: 1068
Abuse Contact Email: abuse@namecheap.com
Abuse Contact Phone: tel:+1.6613102107
DNSSEC Information
Delegation Signed: Unsigned
Authoritative Servers
Registry Server URL: https://rdap.verisign.com/com/v1/domain/ca-win.com
Last updated from Registry RDAP DB: 2019-08-20 11:50:23 UTC
ipinfo.io
IP Address Details for 167.99.186.30
ASN AS14061 DigitalOcean, LLC
Toronto, Ontario
Postal: M5N
Partial list of domains hosted by DigitalOcean:
ca-telius-phone.com
ca-eastlink-phone.com
ca-videotron-phone.com
au-optus.com
canada-winner5.com
phone-wins2.com
australia-winners.com
phone-wins1.com
canada-winners.com
canada-winner2.com
ca-teksavvy-phone.com
ca-win-phone3.com
ca-win.com
canada-winner1.com
ca-telus-phone.com
canada-winner3.com
