I was sent this one a few moments ago, and was expecting it to be a fake AV (ala Total Protection etc), but no, to my surprise, it was infact, for Registry Repair 2008 (a bogus registry cleaner).
The site in question is securonline.net (IP: 22.214.171.124 - ns2.2amnetwork.com, AS32748)
Which then displays:
Following through, we're taken to:
IP: 126.96.36.199 (mail3.smscentar.com, AS21844)
However, contrary to the address bar, the site loads the following via iFrame;
The certificate issued to secureorderstore.com is courtesy of GoDaddy: