Your site absolutely has some sort of browser caching enabled. If you go to the site and click the refresh button in a browser, a 304 response code is being returned:
A 304 code tells the browser that it should load it's previously cached HTML for the current URL. So, even if a user has just authenticated, the non-authenticated HTML will be displayed by the browser. We can't fix that in JFBConnect. Conservative caching in Joomla will *not* return 304 headers. You must be using something else, either from a Joomla extension (like the Joomla - Page Cache plugin) or in your server itself (nginx looks to be your server software, which can implement browser caching on it's own).
I hope that helps narrow things down, but if you get the 304 response codes removed and still have issues, just let us know.
Thanks,
Alex