Transactional Email API Service For Developers - Transactional Email API Service For Developers | Mailgun (mailgun.com) Security Report | Score 57/100 (High Risk)

mailgun.com

Scan Time: 2026-05-21 06:45:16

Re-scan

High Risk

2026-05-21 06:45:16

Security Issues Found

⚠️被列入 1 个黑名单: AlienVault OTX
⚠️AlienVault OTX 有 4 个社区讨论（非直接威胁）
⚠️[HIGH] 敏感路径暴露
⚠️[LOW] 服务器信息泄露
⚠️[MEDIUM] 缺少 HTTP 安全头

Recommendations

💡限制对这些路径的访问或添加认证
💡移除或修改 Server/X-Powered-By 响应头
💡添加 DMARC 记录增强邮件安全
💡配置 Web 服务器添加这些安全头
💡申请从黑名单中移除，并修复安全问题

🌐Domain Info

Targetmailgun.com

Registeredmailgun.com

TLD.com

🛡️Threat Intelligence (7 platforms)

BlacklistAlienVault OTX

Malware4

Phishing0

Abuse Score0/100

🐛Vulnerabilities Found (3)

MEDIUM缺少 HTTP 安全头

缺少以下安全头: X-XSS-Protection

Fix: 配置 Web 服务器添加这些安全头

LOW服务器信息泄露

响应头泄露服务器信息: Server: cloudflare, X-Powered-By: WP Engine

Fix: 移除或修改 Server/X-Powered-By 响应头

HIGH敏感路径暴露

发现可访问的敏感路径: /.git/config, /phpmyadmin

Fix: 限制对这些路径的访问或添加认证

🔌Open Ports (4)

http

443

https

8080

unknown

8443

unknown

🌐DNS Records

A: 141.193.213.11

A: 141.193.213.10

MX: 10 mailgun-com.mail.protection.outlook.com.

NS: ns-1471.awsdns-55.org.

NS: ns-1728.awsdns-24.co.uk.

NS: ns-445.awsdns-55.com.

NS: ns-907.awsdns-49.net.

TXT: "onetrust-domain-verification=6698df98aa31414bade2ca78ad03f42b"

TXT: "docusign=8f7c2cb9-7015-46f8-b26b-a1c13f412427"

TXT: "bugcrowd-verification=4cfd023b67ca6489057ee815ea658e87"

TXT: "0ed1fe018a7f0a47a8f5154d6984c025c42e01c9a4"

TXT: "_xa8frhmx1cbo7youra0kzwfglbm4omm"

TXT: "google-site-verification=ChC3YSBR2P7viG3AtShPTVSXpAMQ_FjD1FPKbRCGg6w"

TXT: "MS=ms62942047"

TXT: "knowbe4-site-verification=2ea4e05c3e01242d5ada61ac31b49db3"

TXT: "mgverify=186c58bed97ee8fc9d076c485ced3d54b600e351aa03e67a65f1195940289818"

TXT: "mgverify=0fc9dc57d474602a753165e2890f94083d5dbaec901c40774e5a034088d27bae"

TXT: "atlassian-domain-verification=lgoAYsfQGA+keMEgwL40ZSlBpXSqnDEYpoxd5oGPFTS/58k9yaanrepGbOmyhBzv"

TXT: "mgverify=0d5f4431a73937c5d0a05fe6940f7c1cadae69994b9736359fcf321ecc8e1222"

TXT: "miro-verification=121329dbcd8a9b88b8c5eccd5a1996ad3cbcfd5b"

TXT: "OSSRH-79800"

TXT: "821btkfcwyb92fwsv2jdcvn96fj2kxn5"

TXT: "v=spf1 include:_spf.mailgun.org include:_spf.eu.mailgun.org include:spf.protection.outlook.com include:aspmx.pardot.com include:mail.zendesk.com ~all"

TXT: "ZOOM_verify_wH9ecHq8Sbu_sbeSjEJVVA"

TXT: "stripe-verification=5b9f98250a449dd9796e90428874106fa8fbbb3d64360afb60bc26232a0cb787"

TXT: "p5mycdjzy7mtt27qprhwjcwyl72wf27s"

TXT: "mgverify=c305422ef1545ff8f33cc4ede96940d748d956a7a1758661637b14c0b4dcd3a8"

TXT: "mgverify=120b7682e55b929214474bd95651f3c8cf29fc8001f2c6e5a1aa171fa7b75c4a"

TXT: "wiz-domain-verification=bb12d2252b41b3b8b8eaf84c95f0bb93cfea47e40192212d52a3aec6cc492d4a"

TXT: "h1-domain-verification=TZWn28VgTk9fBsSnj2SwPt3BCHNwu8yhS7ucHLarzHus1xhm"

SOA: ns-1471.awsdns-55.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

📋HTTP Headers

X-Frame-Options: SAMEORIGIN

X-Content-Type-Options: nosniff

Strict-Transport-Security: max-age=63072000

Content-Security-Policy: upgrade-insecure-requests;

Referrer-Policy: strict-origin-when-cross-origin

Permissions-Policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscre

Server: cloudflare

X-Powered-By: WP Engine

Website Security Scanner