As I kept failing to scan a virtualhost web server behind an nginx, I started to look into this configuration “expand_vhosts”
I found that the default setting of “expand_vhosts” is “1”, which suggests “enabled”
In that condition, the scanner does not scan my target which is written in the virtualhost name.
Instead, the scanner resolves the IP of the virtualhost, looks up the FQDN, and scans only the FQDN host. That is, the scanner does not send any http_host_header related to the virtualhost I ordered.
When I turn off “expand_vhosts” by setting it to “0”, I see the “Name” column in the Report results aligned with my designated virtualhost. Perhaps that is the right way to scan a virtualhost hidden behind an nginx.