diff --git a/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml b/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml
index d327f0d8a1..b1a3848c40 100644
--- a/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml
+++ b/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml
@@ -38,6 +38,11 @@ requests:
         words:
           - "dns"
 
+      - type: word
+        part: location
+        words:
+          - '/mifs/user/login.jsp?error=1'
+
       - type: regex
         part: interactsh_request
         regex:
@@ -49,5 +54,3 @@ requests:
         group: 1
         regex:
           - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${hostName} in output
-
-# Enhanced by cs on 2022/02/28