Subdomain hack and defacement incorrect installed certificate on main domain!

Google Cloud Abuse: https://toolbar.netcraft.com/site_report?url=110.153.201.35.bc.googleusercontent.com

Main domain: Wrong certificate installed.
The domain name does not match the certificate common name or SAN.
Warnings
Root installed on the server.
For best practices, remove the self-signed root from the server.
AddTrust Comodo - host name -110.153.201.35.bc.googleusercontent.com
Name mismatch - common name: www.matrixc.com

What subdomain hacked? → http://overflowzone.com/mirror/39115/
IP PHISH: https://checkphish.ai/ip/192.254.233.173

On main domain: https://urlscan.io/domain/gappsmy.com
Insecure: -https://110.153.201.35.bc.googleusercontent.com/

polonus (volunteer website security analyst and website error-hunter)

Another such site defacement - http://urlquery.net/report/cb9ae47e-aa02-4d75-a706-93a295e89507
Nothing flagged: https://www.virustotal.com/#/url/19241f66e6d37aed8be4dcb03abab63321352a604c7f5dc8d79fa31fdcfe2293/detection
Source: http://urlquery.net/report/cb9ae47e-aa02-4d75-a706-93a295e89507
Warnings 2: https://asafaweb.com/Scan?Url=hff.co.za%2Findex.html
Related to hack: https://asafaweb.com/Scan?Url=i.hizliresim.com (without title)
Reporter - Archive Attack Reporter: TurkHacks.Com (The Netherlands)

polonus