[BUG] http_2_host incorrectly inherits http_1_host value for different domains #7062

@mrschyte

Is there an existing issue for this?

  • I have searched the existing issues.

Current Behavior

In multi-request HTTP templates, http_2_host (and other host-related variables) incorrectly inherits the value from http_1_host when the requests target different domains. Both requests end up using the host from the original target URL instead of their respective actual hosts, including any request parameters that were present in the original query.

Expected Behavior

Each request in a multi-request HTTP template should generate its own host-related variables (http_X_host, http_X_hostname, etc.) based on its actual evaluated URL. For example:

http_1 pointing to https://example.com should have http_1_host = example.com
http_2 pointing to https://google.com should have http_2_host = google.com

Steps To Reproduce

Run the below template as follows: nuclei -duc -id 'host-variable-bug-demo' -u 'https://example.com/?a=1' -debug -svd
Observe that the second request has '?a=1' appended and the http_2_host variable is example.com instead of google.com.

id: host-variable-bug-demo
info:
  name: HTTP Host Variable Bug Demonstration
  author: nuclei
  severity: info
  description: |
    Demonstrates the bug where http_2_host incorrectly inherits http_1_host value
    when requests target different domains.

http:
  - method: GET
    path:
      - "{{BaseURL}}"
    headers:
      Host: "{{Hostname}}"
      User-Agent: Nuclei

    matchers:
      - type: status
        status:
          - 200

  - method: GET
    path:
      - "https://google.com"

    matchers:
      - type: status
        status:
          - 200

    extractors:
      - type: dsl
        dsl:
          - "http_2_host"

Environment

- OS: Debian Trixie
- Nuclei: 3.7.0

Anything else?

No response

Labels: Type: Bug
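
The expected behaviour from the report, written out as an added Go example (not part of the original issue and not nuclei's own code): each request's host variable is derived from that request's evaluated URL, and only a path that references {{BaseURL}} takes the target's host and query string. The function names and the "observed" values are constructed for illustration, and treating http_N_host as the host name without a port is an assumption.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// resolveRequest returns the URL a request path evaluates to. Only a path that
// references {{BaseURL}} takes anything (host, query string) from the target.
func resolveRequest(target, path string) (*url.URL, error) {
	u, err := url.Parse(strings.ReplaceAll(path, "{{BaseURL}}", target))
	if err == nil && u.Host == "" {
		return nil, fmt.Errorf("%q does not evaluate to an absolute URL", path)
	}
	return u, err
}

// expectedHostVars derives http_N_host from each request's own evaluated URL.
// Assumption: the variable holds the host name without a port.
func expectedHostVars(target string, paths []string) (map[string]string, error) {
	vars := make(map[string]string, len(paths))
	for i, p := range paths {
		u, err := resolveRequest(target, p)
		if err != nil {
			return nil, fmt.Errorf("request %d: %w", i+1, err)
		}
		vars[fmt.Sprintf("http_%d_host", i+1)] = u.Hostname()
	}
	return vars, nil
}

// mismatches lists, in request order, the variables whose observed value is wrong.
func mismatches(expected, observed map[string]string) []string {
	var bad []string
	for n := 1; n <= len(expected); n++ {
		k := fmt.Sprintf("http_%d_host", n)
		if observed[k] != expected[k] {
			bad = append(bad, k)
		}
	}
	return bad
}

func main() {
	// Target and paths from the report; "seen" is constructed to match the reported behaviour.
	want, _ := expectedHostVars("https://example.com/?a=1", []string{"{{BaseURL}}", "https://google.com"})
	seen := map[string]string{"http_1_host": "example.com", "http_2_host": "example.com"}
	fmt.Println(want, mismatches(want, seen))
}
```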