These sites in the Alexa Top 10,000 were vulnerable to man-in-the-middle attacks shortly before DROWN was publicly disclosed on March 1, 2016. This list includes only sites for which name.com, www.name.com, or login.name.com was vulnerable. Many more sites were vulnerable on other subdomains or to other forms of the attack.