I visited the old website and it looked exactly the same as the one posted by Alejjanndro. It was very basic HTML and had references to Windows 9x on it. I thought it odd.
The website – axantum.com – was delivered over HTTPS and I checked the certificate. It was issued by Symantec.
I did a bit of research online and found this story about how Symantec are issuing real certificates to bogus people.
It occurs to me that there may be some form of cache poisoning going on. User A visits axantum.com and gets redirected. The fake website then appears and delivers up malware infected files (a guess) but because it has a SSL certificate it appears genuine.