See: http://retire.insecurity.today/#!/scan/d67500194aa46778834f04df92adddf7254d4ad1dfa6963ac2cf96559d456400
2 vulnerable libraries detected on Cloudflare nginx server h2 , spdy/3.1, http/1.1 DNS:-ssl359303.cloudflaressl.com
risk rating 9 red out of 10: http://toolbar.netcraft.com/site_report?url=http%3A%2F%2F104.16.28.216%2F
Open SSL. POST /gsorganizationvalsha2g2 HTTP/1.1
Host: -ocsp2.globalsign.com → https://observatory.mozilla.org/analyze.html?host=ocsp2.globalsign.com
No sources beside sinks detected: http://www.domxssscanner.com/scan?url=http%3A%2F%2Focsp2.globalsign.com
Re: http://research.insecurelabs.org/jquery/test/
and again javascript at the core of the problem.
polonus