I was sent this one a few moments ago, and was expecting it to be a fake AV (ala Total Protection etc), but no, to my surprise, it was infact, for Registry Repair 2008 (a bogus registry cleaner).
The site in question is securonline.net (IP: 220.127.116.11 - ns2.2amnetwork.com, AS32748)
Which then displays:
Following through, we're taken to:
IP: 18.104.22.168 (mail3.smscentar.com, AS21844)
However, contrary to the address bar, the site loads the following via iFrame;
The certificate issued to secureorderstore.com is courtesy of GoDaddy: