diff --git a/cves/2022/CVE-2022-23779.yaml b/cves/2022/CVE-2022-23779.yaml
index fefab1e202..4748da6a47 100644
--- a/cves/2022/CVE-2022-23779.yaml
+++ b/cves/2022/CVE-2022-23779.yaml
@@ -36,9 +36,20 @@ requests:
           - 'text/html'
         condition: and
 
-      - type: dsl
-        dsl:
-          - '!contains(location,host)'
+      - type: word
+        part: location
+        words:
+          - '{{Host}}'
+        negative: true
+
+      - type: word
+        words:
+          - '<center><h1>301 Moved Permanently</h1></center>'
+
+      - type: regex
+        part: header
+        regex:
+          - 'https?:\/\/(.*):'
 
     extractors:
       - type: regex