Recently a vulnerability in the SSLv3 protocol was discovered by Google researchers, which allows to decrypt session keys and, as a consequence, read confidential information. Much like the 2011 BEAST attack, this man-in-the-middle attack enforces an SSLv3 connection, although your Browser and the server on the other end may support higher/newer protocols.

Further information:

It is strongly recommended to deactivate SSL 3.0 completely in your Browser and on any server. You can check here, if your server configuration needs to be updated:

NEW You can also bulk check multiple servers.

Vulnerable Server

Until now we found 8545 servers vulnerable to the POODLE attack. The most recent additions to this list are:

Server Service letzte Prüfung
pay.rongyi.com https
pi-informatik.de https
pi-informatik.de https
pi-informatik.de https
www.h-epta.de https
waukesha.k12.wi.us https
www.lekon-service.com https
mail.yemenmobile.com.ye https
harpercollins.net https
www.latebird.co https
3wsistemas.com.br https
engoo.com.tw https
engoo.com.tw https
mail.squ.edu.om https
www.buergel-ddm.de https