WordPress version outdated: Upgrade required.
Outdated WordPress Found: WordPress Under 4.0
WOT flags the redirect:
https://www.mywot.com/en/scorecard/biglistofwebsites.com?utm_source=addon&utm_content=popup
as seen here: http://browser-updatez.ru/?80&source=americanvalley.net
Flagged: http://killmalware.com/americanvalley.net/
44 malicious files flagged: http://quttera.com/detailed_report/americanvalley.net
Detected reference to malicious blacklisted domain -kitf.org → https://www.mywot.com/en/scorecard/kitf.org?utm_source=addon&utm_content=popup
Blacklisted: http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=americanvalley.net
and also via SpamHaus: americanvalley.net has been listed in the DBL because it has been hacked. The domain americanvalley.net is currently being abused by cyber-criminals who have hacked the website’s hosting or its content management system (typically Wordpress, Joomla, etc) and placed malicious files on the web server. Please clean up this infection before removing the domain from the DBL.
The malicious files can be found here: hXXp://americanvalley.net/wp-content/themes/elegantbusiness-theme-v2.1/inc/tgm-plugin-activation/plugins/utf.php
jquery.js n/a ver=1.10.2, wp-content/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js n/a ver=4.1.1
wp-content/themes/ElegantBusiness-theme-v2.1/framework/js/public/jquery.validate.min.js n/a ver=3.6.1
-http americanvalley.net /wp-includes/js/jquery/jquery-migrate.min.js n/a ver=1.2.1 - should be patched for Drupal
Issues here, see: https://core.trac.wordpress.org/changeset?old_path=tags/3.6&new_path=tags/3.6.1
polonus (volunteer website security analyst and website error-hunter)