diff --git a/pkg/detectors/mailchimp/mailchimp.go b/pkg/detectors/mailchimp/mailchimp.go
index 423d3ecf09f1..dc8be6bc5cfc 100644
--- a/pkg/detectors/mailchimp/mailchimp.go
+++ b/pkg/detectors/mailchimp/mailchimp.go
@@ -19,7 +19,7 @@ type Scanner struct{}
 var _ detectors.Detector = (*Scanner)(nil)
 
 var (
-	// TODO: Other country patterns?
+	client = common.SaneHttpClient()
 	keyPat = regexp.MustCompile(`[0-9a-f]{32}-us[0-9]{1,2}`)
 )
 
@@ -46,29 +46,29 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 		if verify {
 			datacenter := strings.Split(match, "-")[1]
 
-			client := common.SaneHttpClient()
 			// https://mailchimp.com/developer/guides/marketing-api-conventions/
 			req, err := http.NewRequestWithContext(ctx, "GET", fmt.Sprintf("https://%s.api.mailchimp.com/3.0/", datacenter), nil)
 			if err != nil {
 				continue
 			}
 			req.SetBasicAuth("anystring", match)
+			req.Header.Add("accept", "application/json")
 			res, err := client.Do(req)
 			if err == nil {
-				res.Body.Close() // The request body is unused.
-
-				if res.StatusCode == 200 {
+				defer res.Body.Close()
+				if res.StatusCode >= 200 && res.StatusCode < 300 {
 					s.Verified = true
+				} else {
+					// This function will check false positives for common test words, but also it will make sure the key appears 'random' enough to be a real key.
+					if detectors.IsKnownFalsePositive(match, detectors.DefaultFalsePositives, true) {
+						continue
+					}
 				}
 			}
 		}
 
-		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
-			continue
-		}
-
 		results = append(results, s)
 	}
 
-	return
+	return results, nil
 }
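Review bot: The false-positive filter now only runs in the `else` branch of a completed HTTP response, so a match is no longer filtered when `verify` is false or when `client.Do` returns an error; before this change the removed `!s.Verified && IsKnownFalsePositive(...)` check after the `if verify` block covered both of those paths, and known test-word matches will now be reported unverified instead of dropped. Restoring the check outside the verify block, `if !s.Verified && detectors.IsKnownFalsePositive(match, detectors.DefaultFalsePositives, true) { continue }`, keeps the new comment's intent while covering the unverified cases again. The `defer res.Body.Close()` inside the `for` loop also only fires when FromData returns, so every response body stays open for the rest of the scan; the previous immediate `res.Body.Close()` (optionally after draining the body so the shared client can reuse the connection) is the safer form here. FromData begins before this hunk; only its tail is visible.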