diff --git a/firewall2.sh b/firewall2.sh
index 071847a..94acceb 100755
--- a/firewall2.sh
+++ b/firewall2.sh
@@ -28,6 +28,7 @@ NFT_DROP='counter drop'
 NFT_ACCEPT='counter accept'
 NFT='/usr/sbin/nft'
 NFT_CACHE='/tmp/nft.cache'
+TMP_BLOCK='/tmp/tmp-blocked.txt'
 ####
 SAVED_BOTS='/opt/firewall/bots.txt'
 CRAWLER_DB='/opt/firewall/crawlers.txt'
@@ -317,12 +318,24 @@ start() {
 }
+research(){
+ STATS=( $( cat $TMP_BLOCK ) )
+ for i in "${STATS[@]}"; do
+ echo "------------------[Researching $i]-----------------------"
+ grep $i $NGINX_LOG
+ echo "------------------[ENDi]-----------------------"
+ done
+}
+
 status() {
 DATE="$(date +%d/%b/%Y:%H:%M -d '1 min ago' )"
 STATS=$( grep $DATE $NGINX_ACCESS | grep -vi $MY_IP | wc -l )
 GET=$( grep $DATE $NGINX_ACCESS | grep -vi $MY_IP | grep GET | wc -l )
 POST=$( grep $DATE $NGINX_ACCESS | grep -vi $MY_IP | grep POST | wc -l )
 PUT=$( grep $DATE $NGINX_ACCESS | grep -vi $MY_IP | grep -i PUT | wc -l )
+ NOT_FOUND=$( grep $DATE $NGINX_ACCESS | grep -vi $MY_IP | grep 404 | wc -l )
+ GATEWAY=$( grep $DATE $NGINX_ACCESS | grep -vi $MY_IP | grep 502 | wc -l )
+ SUCCESS=$( grep $DATE $NGINX_ACCESS | grep -vi $MY_IP | grep 200 | wc -l )
 CRAWL=$( grep $DATE $NGINX_ACCESS | grep -vi $MY_IP | grep -Ei -f $CRAWLER_DB | wc -l )
 echo "=================================================================="
 echo "Attack Threshold: $ATTACK_THRESHOLD"
@@ -334,8 +347,13 @@ status() {
 echo " POST: $POST"
 echo " Crawlers: $CRAWL"
 echo
+ echo "Query Stats:: "
+ echo " 200: $SUCCESS"
+ echo " 404: $NOT_FOUND"
+ echo " 502: $GATEWAY"
+ echo
 echo "Blocked IP's:"
- cat /tmp/tmp-blocked.txt
+ cat $TMP_BLOCK
 echo "=================================================================="
 }
@@ -357,7 +375,7 @@ stop() {
 }
 forgive() {
- IP=( $( grep -vi $MY_IP /tmp/tmp-blocked.txt ) )
+ IP=( $( grep -vi $MY_IP $TMP_BLOCK) )
 echo $IP
 for i in "${IP[@]}"; do
 echo "Checking $i"
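Review bot: `TMP_BLOCK` keeps the blocked-address list under `/tmp`, a world-writable directory, while the script appends to it with `>>` and later reads its contents back into `grep` and `nft` invocations in the forgive, watch and research hunks; a local user who pre-creates or symlinks that path can redirect the writes or feed the script arbitrary entries. The neighbouring state files already live in a root-owned location (`SAVED_BOTS='/opt/firewall/bots.txt'`, `CRAWLER_DB='/opt/firewall/crawlers.txt'`), so the new constant should follow them, e.g. `TMP_BLOCK='/opt/firewall/tmp-blocked.txt'`. This hunk only introduces the constant; the readers and writers are in the later hunks of the same file.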
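Review bot: In research(), `grep $i $NGINX_LOG` leaves both words unquoted, so a list entry that begins with `-` is parsed as a grep option and a dot in an address acts as a regex wildcard; write `grep -F -- "$i" "$NGINX_LOG"` and load the list with `mapfile -t STATS < "$TMP_BLOCK"` rather than the word-split `$( cat $TMP_BLOCK )`. `NGINX_LOG` is also a different name from the `NGINX_ACCESS` that status() greps just below; if it is not defined elsewhere in the file, the empty unquoted expansion leaves grep reading stdin and the command blocks. The new `grep 404` / `grep 502` / `grep 200` counters match those digits anywhere in the line (byte counts, paths, addresses), not only the status field, so the totals can overcount; for the default combined log format anchoring on the quoted request terminator, e.g. `grep -F '" 404 '`, is more accurate. status() continues past the end of this hunk.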
@@ -366,7 +384,7 @@ forgive() {
 echo $NFT delete rule ip filter input handle $HANDLE
 $NFT delete rule ip filter input handle $HANDLE
 done
- echo > /tmp/tmp-blocked.txt
+ echo > $TMP_BLOCk
 }
 saved-attackers() {
@@ -401,7 +419,7 @@ watch() {
 if [[ "$COUNT" -gt "$ATTACK_THRESHOLD" ]]; then
 echo "Blocking IP: $i"
 logger "Blocking IP: $i"
- echo $i >> /tmp/tmp-blocked.txt
+ echo $i >> $TMP_BLOCK
 $NFT add rule ip filter input ip saddr $i $NFT_DROP
 fi
 else
@@ -428,6 +446,8 @@ elif [ "$1" = "forgive" ]; then
 forgive
 elif [ "$1" = "watch" ]; then
 watch
+elif [ "$1" = "research" ]; then
+ research
 elif [ "$1" = "stop" ]; then
 stop
 elif [ "$1" = "saved" ]; then
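Review bot: `echo > $TMP_BLOCk` in forgive() misspells the variable (lower-case `k`), so it expands an unset name; bash rejects the empty unquoted redirect as ambiguous and the blocked list is never truncated after the rules are deleted, so the same addresses are re-processed on every later `forgive` run. It should read `: > "$TMP_BLOCK"` (the colon also avoids writing a stray empty line into the list), and adding `set -u` near the top of the script would turn this class of typo into an immediate error. forgive() begins before this hunk.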