
Issue 788485


Issue metadata

Status: WontFix
Owner: ----
Closed: Nov 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug-Security


Mark all cloudflaressl certificates as untrusted

Reported by leose...@rambler.ru, Nov 25 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.89 Safari/537.36 OPR/49.0.2725.47

Steps to reproduce the problem:
1. Go to any "cloudflare-protected" site (example - https://kostyakulakov.ru)
2. Look at the HTTPS status

What is the expected behavior?
The browser must warn about an invalid certificate because Cloudflare violates end-to-end security.

What went wrong?
The browser allows Cloudflare to perform a MITM attack without any warning. Cloudflare can intercept and modify all traffic between the site visitor and the site owner.

Did this work before? No

Chrome version: 62.0.3202.89  Channel: stable
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: 

Cloudflaressl certificates must have untrusted status until Cloudflare uses end-to-end encryption between the "DDoS-protected" site owner and its visitors.

Components: Internals>Network>Certificate
Labels: -Restrict-View-SecurityTeam allpublic
Status: WontFix (was: Unconfirmed)
Chrome behaves as designed. Browsers cannot be responsible for security beyond the remote endpoint, as there is no way for them to validate a given site's security practices.
