The link starts out "19julMac11.z5." before getting to the "web.core.windows.net" bit. "19jul" was the date; she was on a "Mac"; I'm unsure what the 11 designated, and "z5" may have been the universal time zone we're in (Eastern Daylight Time).
The page had three windows and told you audibly that your computer had been hijacked, not to shut down, and to call "Mac support" at a number on the screen. She called and reached a fellow with an Indian accent who called back when she hung up on him. It was a Safari page, with a lot of i/o disabled. I told her to shut it down. She got back into it after restarting. Quitting Safari dismissed it. In her history, the link above was proceeded by an adclick, but I didn't know how to identify that.
It seemed similar to an old Safari page from 5-10 years ago, fairly harmless if you didn't give the Indian fellow your credentials. However,, well, drivebys exist, so I asked here, wondering if anybody knew whether there might be deeper threats within it.