This is similar to the issue reported earlier (https://github.com/tijme/angularjs-csti-scanner/issues/7) . For scanning URLS in an authenticated session , I updated extended.py with the session cookies. But the initial requests that ACSTIS makes (The same set of requests that were earlier ignoring the proxy values mentioned in extended.py) do not append the cookies and I get an error in the console as the URL is not reachable. Work-Around for authenticated Session: For the moment in order to make ACSTIS work, I am routing the scanner's requests vis Burp and I am appending the cookies to all requests using Burp's Match and replace feature (Proxy->Options->Match and Replace)