diff --git a/address.json b/address.json
index 2a50bc507..67d3aaacc 100644
--- a/address.json
+++ b/address.json
@@ -236,7 +236,7 @@
     "12HR9ciHKMmcs7MJhykPUEhSk7ssA1eu7VWZyoLqyZ1os4Uf",
     "167u8YLEEBwENxQnKw8GJwbWWREoWxMGMnVuXW6HcYBXbVc2"
   ],
-  "social enginnering": [
+  "social engineering": [
     "16JeATU8HazNbaMkpNW2niozWgNu1A6dx5u2kKs7pZaS4Vze"
   ],
   "telegra.ph": [
diff --git a/all.json b/all.json
index 0bd43a221..5be9d186d 100644
--- a/all.json
+++ b/all.json
@@ -1270,7 +1270,6 @@
     "paxfuls.xyz",
     "pcakecoins.finance",
     "peercoinwallet.com",
-    "phishing Polkadot extension",
     "phuture.medium.cn.com",
     "phuture.medium.com.ru",
     "phuture.polkastarter.com.es",
@@ -1628,7 +1627,6 @@
     "saitamatokendrop.com",
     "scaleswap.medium.com.ru",
     "scaleswap.polkastarter.com.es",
-    "scam-check",
     "scopebtc.com",
     "secdappwal.live",
     "securecryptomining.org",
@@ -1679,7 +1677,6 @@
     "smartwalletvalidator.com",
     "smetamask.com",
     "smoothsncsecure.online",
-    "social enginnering",
     "solanium.live",
     "solanium.medium.com.ru",
     "solutiondapps.live",
@@ -1963,7 +1960,7 @@
     "wallenmexico.com",
     "wallerhof.com",
     "wallet-api.link",
-    "wallet-api.online ",
+    "wallet-api.online",
     "wallet-authenticatordapps.com",
     "wallet-authorizations.com",
     "wallet-autosync.art",
diff --git a/meta/2021-10.json b/meta/2021-10.json
index 4903ec2b2..f29cdf6c5 100644
--- a/meta/2021-10.json
+++ b/meta/2021-10.json
@@ -311,10 +311,6 @@
     "date": "2021-10-19",
     "url": "decentralizedintegration.com"
   },
-  {
-    "date": "2021-10-19",
-    "url": "social enginnering"
-  },
   {
     "date": "2021-10-19",
     "url": "tokenmainnet.org"
@@ -757,7 +753,7 @@
   },
   {
     "date": "2021-10-08",
-    "url": "wallet-api.online "
+    "url": "wallet-api.online"
   },
   {
     "date": "2021-10-08",
diff --git a/meta/2021-11.json b/meta/2021-11.json
index 034478dc8..05895f531 100644
--- a/meta/2021-11.json
+++ b/meta/2021-11.json
@@ -899,10 +899,6 @@
     "date": "2021-11-12",
     "url": "xn--unswap-4va.app"
   },
-  {
-    "date": "2021-11-11",
-    "url": "scam-check"
-  },
   {
     "date": "2021-11-10",
     "url": "conn-we.online"
diff --git a/meta/2021-12.json b/meta/2021-12.json
index ccd88d784..dba94909b 100644
--- a/meta/2021-12.json
+++ b/meta/2021-12.json
@@ -1231,10 +1231,6 @@
     "date": "2021-12-20",
     "url": "mainsaffixsync.online"
   },
-  {
-    "date": "2021-12-20",
-    "url": "phishing Polkadot extension"
-  },
   {
     "date": "2021-12-20",
     "url": "polkadot-bonusevents.network"
diff --git a/packages/phishing/src/additions.spec.ts b/packages/phishing/src/additions.spec.ts
new file mode 100644
index 000000000..114ab68b8
--- /dev/null
+++ b/packages/phishing/src/additions.spec.ts
@@ -0,0 +1,82 @@
+// Copyright 2020-2022 @polkadot/phishing authors & contributors
+// SPDX-License-Identifier: Apache-2.0
+
+import fs from 'fs';
+
+import { decodeAddress } from '@polkadot/util-crypto';
+
+const addresses = JSON.parse(fs.readFileSync('address.json', 'utf-8')) as Record<string, string[]>;
+const allowed = JSON.parse(fs.readFileSync('known.json', 'utf-8')) as Record<string, string[]>;
+const all = JSON.parse(fs.readFileSync('all.json', 'utf8')) as { deny: string[] };
+
+describe('added addresses', (): void => {
+  it('has no malformed addresses', (): void => {
+    const invalids = Object
+      .entries(addresses)
+      .map(([url, addrs]): [string, string[]] => {
+        return [url, addrs.filter((a) => {
+          try {
+            return decodeAddress(a).length !== 32;
+          } catch (error) {
+            console.error(url, (error as Error).message);
+
+            return true;
+          }
+        })];
+      })
+      .filter(([, addrs]) => addrs.length);
+
+    if (invalids.length) {
+      throw new Error(`Invalid ss58 checksum addresses found: ${invalids.map(([url, addrs]) => `\n\t${url}: ${addrs.join(', ')}`).join('')}`);
+    }
+  });
+
+  it('has no entries on the known addresses list', (): void => {
+    const added = Object
+      .values(addresses)
+      .reduce<string[]>((all, addrs) => all.concat(addrs), []);
+    const dupes = Object
+      .entries(allowed)
+      .reduce<[string, string][]>((all, [site, addrs]) => all.concat(addrs.map((a) => [site, a])), [])
+      .filter(([, a]) => added.includes(a));
+
+    expect(dupes).toEqual([]);
+  });
+});
+
+describe('added urls', (): void => {
+  it('has no malformed domain-only entries', (): void => {
+    const invalids = all.deny.filter((u) =>
+      u.includes('/') || // don't allow paths
+      u.includes('?') || // don't allow query params
+      u.includes(' ') || // no spaces
+      !u.includes('.') // need at least a domain
+    );
+
+    expect(invalids).toEqual([]);
+  });
+
+  it('has no urls starting with www. (domain-only inclusions)', (): void => {
+    const invalids = all.deny.filter((u) =>
+      u.startsWith('www.')
+    );
+
+    expect(invalids).toEqual([]);
+  });
+
+  it('has no duplicate entries', (): void => {
+    const checks: string[] = [];
+
+    const dupes = all.deny.reduce<string[]>((dupes, url) => {
+      if (!checks.includes(url)) {
+        checks.push(url);
+      } else {
+        dupes.push(url);
+      }
+
+      return dupes;
+    }, []);
+
+    expect(dupes).toEqual([]);
+  });
+});
diff --git a/packages/phishing/src/index.spec.ts b/packages/phishing/src/index.spec.ts
index a72e97cb1..06718213a 100644
--- a/packages/phishing/src/index.spec.ts
+++ b/packages/phishing/src/index.spec.ts
@@ -1,16 +1,8 @@
 // Copyright 2020-2022 @polkadot/phishing authors & contributors
 // SPDX-License-Identifier: Apache-2.0
 
-import fs from 'fs';
-
-import { decodeAddress } from '@polkadot/util-crypto';
-
 import { checkAddress, checkIfDenied } from '.';
 
-const addresses = JSON.parse(fs.readFileSync('address.json', 'utf-8')) as Record<string, string[]>;
-const allowed = JSON.parse(fs.readFileSync('known.json', 'utf-8')) as Record<string, string[]>;
-const all = JSON.parse(fs.readFileSync('all.json', 'utf8')) as { deny: string[] };
-
 describe('checkIfDenied', (): void => {
   it('returns false when host is not listed', async (): Promise<void> => {
     expect(
@@ -74,71 +66,3 @@ describe('checkAddress', (): void => {
     ).toEqual('polkadots.network');
   });
 });
-
-describe('check additions', (): void => {
-  it('has no malformed addresses', (): void => {
-    const invalids = Object
-      .entries(addresses)
-      .map(([url, addrs]): [string, string[]] => {
-        return [url, addrs.filter((a) => {
-          try {
-            return decodeAddress(a).length !== 32;
-          } catch (error) {
-            console.error(url, (error as Error).message);
-
-            return true;
-          }
-        })];
-      })
-      .filter(([, addrs]) => addrs.length);
-
-    if (invalids.length) {
-      throw new Error(`Invalid ss58 checksum addresses found: ${invalids.map(([url, addrs]) => `\n\t${url}: ${addrs.join(', ')}`).join('')}`);
-    }
-  });
-
-  it('has no entries on the known addresses list', (): void => {
-    const added = Object
-      .values(addresses)
-      .reduce<string[]>((all, addrs) => all.concat(addrs), []);
-    const dupes = Object
-      .entries(allowed)
-      .reduce<[string, string][]>((all, [site, addrs]) => all.concat(addrs.map((a) => [site, a])), [])
-      .filter(([, a]) => added.includes(a));
-
-    expect(dupes).toEqual([]);
-  });
-
-  it('has no malformed domain-only entries', (): void => {
-    const invalids = all.deny.filter((u) =>
-      u.includes('/') ||
-      u.includes('?')
-    );
-
-    expect(invalids).toEqual([]);
-  });
-
-  it('has no urls starting with www. (domain-only inclusions)', (): void => {
-    const invalids = all.deny.filter((u) =>
-      u.startsWith('www.')
-    );
-
-    expect(invalids).toEqual([]);
-  });
-
-  it('has no duplicate entries', (): void => {
-    const checks: string[] = [];
-
-    const dupes = all.deny.reduce<string[]>((dupes, url) => {
-      if (!checks.includes(url)) {
-        checks.push(url);
-      } else {
-        dupes.push(url);
-      }
-
-      return dupes;
-    }, []);
-
-    expect(dupes).toEqual([]);
-  });
-});
diff --git a/scripts/sortAll.mjs b/scripts/sortAll.mjs
index 2783fa9d0..48aa14926 100644
--- a/scripts/sortAll.mjs
+++ b/scripts/sortAll.mjs
@@ -44,11 +44,11 @@ function sortAddresses (values) {
     }, {});
 }
 
-function addSites (deny, values) {
+function addSites ({ allow, deny }, values) {
   return Object
     .keys(values)
     .reduce((filtered, url) => {
-      !filtered.includes(url) && !KNOWN_URLS.includes(url) &&
+      url.includes('.') && !url.includes(' ') && !url.includes('/') && !allow.includes(url) && !filtered.includes(url) && !KNOWN_URLS.includes(url) &&
         filtered.push(url);
 
       return filtered;
@@ -103,7 +103,7 @@ export function writeMeta (meta) {
 const addr = readJson('address.json');
 const all = readJson('all.json');
 const meta = readMeta();
-const deny = sortSection(addSites(all.deny, addr));
+const deny = sortSection(addSites(all, addr));
 
 // rewrite with all our entries (newline included)
 writeJson('address.json', sortAddresses(addr));