I recognized that the Inactive 2FA Report requires an exact URL, without subdomains:

• https://login.xing.com/ is not reported
• https://www.xing.com/ is reported

When I log into Xing for the first time and Bitwarden asks me if the password should be stored, then Bitwarden stores https://login.xing.com/ (and the Inactive 2FA Report tells me that no sites are found).

The average user does not know that the URL should be changed to https://www.xing.com/ just for the Inactive 2FA Report.

These issue surely exists on other pages, like Amazon, where I have the URLs:

• https://www.amazon.de/
• https://smile.amazon.de/
• https://www.amazon.de/ap/signin
• https://amazon.de/ap/signin
• https://smile.amazon.de/ap/signin

But on Two Factor Auth (https://twofactorauth.org/) the URL for Amazon is https://www.amazon.com/
So all country domains (like .de, .es, etc) might cause these problems.

For Amazon I requested at the Two Factror Auth List that they add all international domains.
So the “Inactive 2FA report” will report Amazon no matter what country domain is used.

@tgreer In the GitHub posting I received the following reply:

Just a quick note: Even if we implement something like a domain array for entries in our lists, it still won’t show up on Bitwarden as long as they keep using API v1. That’s a depricated version which won’t get any new features.

So you should (have to) use the new API version of the Two Factor Auth List, because

• the old version is deprecated
• the old version will not get any new features

Please update to the new API.

Noted and captured, thanks @OLLI_S!