I'm fairly certain my Cloudflare account hasn't been compromised, at least all the DNS records hasn't been changedm I have 2fa on the account, and there's no other sign of unauthorised login to the Cloudflare portal.
By the way, back in June you also had a certificate issued for this hostname: crt.sh | limzykenneth.com There is exactly two months in between: the recommended renewal interval of 60 days. Are you absolutely sure you don’t have an ACME client laying around yourself issuing this certificate for you? Because it sure looks like it.
That is unexpected as well, I definitely did not have LE setup on this domain and its subdomain. The server itself is on Heroku (the subdomain something.limzykenneth.com is also on Heroku but on a different dyno). As far as I can tell, there's no breach in my account over at Heroku as well.
My only experience with LE certificate issuance is with another completely unrelated domain so I'm quite sure there isn't anything setup on my end that requested these certificates.