Hacked and defaced website on insecure hosting....

See: http://toolbar.netcraft.com/site_report?url=http://thebirddepot.com
Hash collicion vulnerable: Missing SRI hash
Reversed DNS address: https://dragon.vivawebhost.com/cgi-sys/defaultwebpage.cgi
Nameserver and above address server DROWn vulnerable: https://test.drownattack.com/?site=ns1-dragon.vivawebhost.com
Hoster with bad web rep: https://www.mywot.com/en/scorecard/dragon.vivawebhost.com?utm_source=addon&utm_content=rw-viewsc
Crypto report gives warnings:
Warnings
RC4
This server uses the RC4 cipher algorithm which is not secure. Disable the RC4 cipher suite and update the server software to support the Advanced Encryption Standard (AES) cipher algorithm. Contact your web server vendor for assistance.
Browser compatibility is at risk.
Modern browsers may not trust certificates signed using a SHA-1 hash algorithm. Contact your Certificate Authority to replace SHA-1 certificates installed on the server with SHA-256 certificates.
RSA remove cross certificates
The certificate chain contains a cross root (primary intermediate) certificate that should be removed. Use Symantec CryptoReport to remove cross root certificates.
Info
BEAST
The BEAST attack is not mitigated on this server.
Certificate information
This server uses a Domain Validated (DV) certificate. No information about the site owner has been validated. Data is protected, but exchanging personal or financial information is not recommended.
Common name:
*.vivawebhost.com
SAN:
*.vivawebhost.com, vivawebhost.com
Valid from:
2014-Sep-28 12:17:42 GMT
Valid to:
2016-Oct-01 01:04:55 GMT
Certificate status:
Valid
Revocation check method:
OCSP
Organization:

Organizational unit:
Domain Control Validated - RapidSSL(R),See www.rapidssl.com/resources/cps (c)14,GT90460727
City/locality:

State/province:

Country:

Certificate Transparency:
Not embedded in certificate
Serial number:
157e99
Algorithm type:
SHA1withRSA
Key size:
2048
Certificate chainShow details
GeoTrust Global CAIntermediate certificate
RapidSSL CAIntermediate certificate

F-Status here: https://securityheaders.io/?q=https%3A%2F%2Fdragon.vivawebhost.com%2F

pol