diff --git a/waf.lua b/waf.lua
index 18c1d04..92769fb 100644
--- a/waf.lua
+++ b/waf.lua
@@ -11,15 +11,15 @@ else
 --        check()
     elseif  ngx.re.match(ngx.var.request_uri,[[%00|%0b|%0d|%c0%ae|%0a]],"isjo") then
         check()
+    elseif ngx.var.http_user_agent and ngx.re.match(ngx.var.http_user_agent,regex.."|"..agent,"isjo")  then
+        log('USER-AGENT',ngx.unescape_uri(ngx.var.request_uri))
+        check()
     elseif ngx.req.get_body_data() and ngx.re.match(ngx.unescape_uri(ngx.req.get_body_data()),regex,"isjo")then
         log('POST',ngx.unescape_uri(ngx.var.request_uri),ngx.unescape_uri(ngx.req.get_body_data()))
         check()
 --    elseif ngx.req.get_headers()["Cookie"] and ngx.re.match(ngx.unescape_uri(ngx.req.get_headers()["Cookie"]),regex,"isjo")then
 --        log('COOKIE',ngx.unescape_uri(ngx.var.request_uri),ngx.unescape_uri(ngx.req.get_headers()["Cookie"]))
 --        check()
-    elseif ngx.var.http_user_agent and ngx.re.match(ngx.var.http_user_agent,regex.."|"..agent,"isjo")  then
-        log('USER-AGENT',ngx.unescape_uri(ngx.var.request_uri))
-        check()
     elseif ngx.req.get_headers()['Acunetix-Aspect']  then
         ngx.exit(400)
     elseif ngx.req.get_headers()['X-Scan-Memo'] then