https://github.com/pirate/sites-using-cloudflareSeems for the last several months Cloudflare has been leaking https sessions.
I know a lot of private trackers use Cloudflare, so a lot of info for those sites could be floating around out there, including passwords.
https://bugs.chromium.org/p/project-...detail?id=1139
http://www.doesitusecloudflare.com/