Originally Posted By: ZeeOSix
BTW, this is a new smartphone and I've only downloaded 2 apps so far, both from the Google Play Store, so I doubt it stemmed from a downloaded application.
1) Weather Underground
2) A scientific calculator
I took a couple of screenshots of the website address, so I'll just post the .png screenshots here (instead of PM-ing OVERKILL) since there is no way to click the links. It was stubborn to get to shutdown, and it didn't want to go away until I closed all open browsing windows.
The domain is registered in Panama but it is likely actually Chinese, as I see it coming up in some of the Chinese ad-revenue channels. Likely a malware hijack/ransomware like you surmised. Wouldn't have much effect on your phone, but I can definitely understand your concern. These things are generally written for Windows.
This is one of those situations where, if you wanted to know more, you'd put it in a Windows scratch VM on a Linux box running through a PFSense VM firewall and follow the link and see what it downloads, from where, and where it calls out to.