See: http://killmalware.com/howtoreadpianomusic.org/#

VT scan will not materialize for -http://howtoreadpianomusic.org

Zulu Zscaler: suspicious but no malware, benign defacement: http://zulu.zscaler.com/submission/show/96802d4021d7fb65c44b08fe14fab83d-1473932084

The warnings denote that site could be hacked and defaced: https://asafaweb.com/Scan?Url=howtoreadpianomusic.org

Overview
Cookies not flagged as “HttpOnly” may be read by client side script and are at risk of being interpreted by a cross site scripting (XSS) attack. Whilst there are times where a cookie set by the server may be legitimately read by client script, most times the “HttpOnly” flag is missing it is due to oversight rather than by design.

Result
It looks like a cookie is being set without the “HttpOnly” flag being set (name : value):

_asomcnc : 1
Unless the cookie legitimately needs to be read by JavaScript on the client, the “HttpOnly” flag should always be set to ensure it cannot be read by the client and used in an XSS attack. See: -http://www.domxssscanner.com/scan?url=http%3A%2F%2Fhowtoreadpianomusic.org%2F

Consider: http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fhowtoreadpianomusic.or
Cannot resolve: http://www.rexswain.com/cgi-bin/httpview.cgi

polonus