I manage a domain with quite a few devices on separate subdomains, and use 1Password as a means to easily create and enter unique admin passwords for each.
Let's say I have two hosted at rtr.example.com and datastation.example.com. For each, I'll create an entry in 1Password, enter its domain (only the domain) under the "website" field, generate passwords, and go from there. If I want to login to rtr.example.com, I'll then just visit its admin page in Safari, activate 1Password, and its entry will then be at the top of the suggestions. If I then go to datastation.example.com and do the same, it should now be at the top of the suggestions, and indeed until recently that's what happened.
Now, if I login to rtr.example.com first, its credentials will persist at the top of the suggestions list for any website I visit hosted on a subdomain of example.com for some indeterminate time. If I then try to login to datastation.example.com, its entry will appear quite far down the list of suggestions. (There are a lot of passwords under the domain, and they seem to be unsorted aside from the first suggestion, which is now stuck as rtr.example.com.) If I instead login to datastation.example.com first, its credentials now become stuck at the top of the suggestions for any subdomain under example.com, and I'll have to search manually when I try to login to rtr.example.com.
This is very annoying behavior, and has changed recently. It used to be that the first suggestion when entering the password on any page always matched the full domain of that page. (i.e. An entry for example.com would always be near the top of the suggestions for anything under example.com, but, for instance, rtr.example.com would never appear as a suggestion outside of the rtr.example.com subdomain.) I hope I'm just missing a setting to disable this behavior, but it actually reduces the security of 1Password.
Because of this, 1Password may currently offer as a first suggestion a password which does not match the full domain of the page being viewed. Though rare, it's not impossible that this will be a website controlled by a different entity entirely. (Technically that's exactly what's happening in my example, though the security impact of accidentally entering the password for one device into another that I also manage is, at least, fairly low.)
1Password Version: 7.4.2
Extension Version: 7.4.2
OS Version: 10.15.2
Sync Type: Not Provided