HTTP/1.1 200 
Accept-Ranges: bytes
Content-Type: text/html
Date: Sun, 11 Jan 2026 22:52:21 GMT
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src 'none'; form-action 'none'; frame-ancestors 'none'; report-uri https://hannx.report-uri.com/r/t/csp/wizard
Content-Security-Policy: base-uri 'self'; form-action 'self'; media-src 'self' https:; worker-src 'self'; manifest-src 'self'; img-src data: 'self' https:; font-src 'self' https:; connect-src 'self' https://prdhannx.aaalife.com https:; object-src 'none'; upgrade-insecure-requests; frame-src 'none'; frame-ancestors 'self' localhost:* aaalifeinsurance--c.vf.force.com aaalifefield.lightning.force.com aaalifefield.my.salesforce.com aaalifefield--c.vf.force.com aaalifefield--full.sandbox.my.salesforce.com aaalife--agentone.vf.force.com aaalifeinsurance--agentone.vf.force.com *.salesforce.com *.lightning.force.com *.google-analytics.com *.analytics.google.com *.aaalife.com app.optimizely.com *.onelogin.com *.aaalifedesk.com *.ipipeline.com  aaalife.my.salesforce.com aaalifeinsurance.lightning.force.com *.visual.force.com; report-uri https://hannx.report-uri.com/r/t/csp/enforce
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: usb =(),midi =(), microphone =(), camera =(),magnetometer=(), gyroscope=()
Expect-CT: max-age=2592000, report-uri=https://aaalife.report-uri.com/r/d/ct/reportOnly
Set-Cookie: NSC_ESNS=013074d9-29b7-1964-9678-005056b90656_1216266461_2548164832_00000000000019222336; Path=/; Expires=Sun, 11-Jan-2026 22:52:36 GMT
Cache-Control: no-cache
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: citrix_ns_id=AAA7tylkaTtYR04AAAAAADtWeJJGPVwmRm9hO1zGo_5pV-rjyXEMMiAgZTFrgg3TOw==Oy1kaQ==cKsc4exJCWy-sqSy_-DejifeXjE=; Domain=.aaalife.com; Path=/; HttpOnly
ETag: "da696e-cb774d18fe46"
X-Via-NSCOPI: 1.0
Transfer-Encoding: chunked


<!DOCTYPE html>
<head>
	<meta charset="utf-8">
	<title></title>
	<meta name="description" content="">
	<meta name="HandheldFriendly" content="True">
	<meta name="MobileOptimized" content="320">
	<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
	<meta http-equiv="cleartype" content="on"/>
	<meta http-equiv="X-UA-Compatible" content="IE=edge"/>
	<link rel="stylesheet" href="style.css"/>
<script>NS_CSM_td=289455417;NS_CSM_pd=275116665;NS_CSM_u="/clm10";NS_CSM_col="AAAAAAUvihPa+Av6vqHsQSfdalN86MyxrmjXtbhPeDqVr523RkhJ9MiD4+5/0GdFUlwe2GE=";</script><script type="text/javascript">function sendTimingInfoInit(){setTimeout(sendTimingInfo,0)}function sendTimingInfo(){var wp=window.performance;if(wp){var c1,c2,t;c1=wp.timing;if(c1){var cm={};cm.ns=c1.navigationStart;if((t=c1.unloadEventStart)>0)cm.us=t;if((t=c1.unloadEventEnd)>0)cm.ue=t;if((t=c1.redirectStart)>0)cm.rs=t;if((t=c1.redirectEnd)>0)cm.re=t;cm.fs=c1.fetchStart;cm.dls=c1.domainLookupStart;cm.dle=c1.domainLookupEnd;cm.cs=c1.connectStart;cm.ce=c1.connectEnd;if((t=c1.secureConnectionStart)>0)cm.scs=t;cm.rqs=c1.requestStart;cm.rss=c1.responseStart;cm.rse=c1.responseEnd;cm.dl=c1.domLoading;cm.di=c1.domInteractive;cm.dcls=c1.domContentLoadedEventStart;cm.dcle=c1.domContentLoadedEventEnd;cm.dc=c1.domComplete;if((t=c1.loadEventStart)>0)cm.ls=t;if((t=c1.loadEventEnd)>0)cm.le=t;cm.tid=NS_CSM_td;cm.pid=NS_CSM_pd;cm.ac=NS_CSM_col;var xhttp=new XMLHttpRequest();if(xhttp){var JSON=JSON||{};JSON.stringify=JSON.stringify||function(ob){var t=typeof(ob);if(t!="object"||ob===null){if(t=="string")ob='"'+ob+'"';return String(ob);}else{var n,v,json=[],arr=(ob&&ob.constructor==Array);for(n in ob){v=ob[n];t=typeof(v);if(t=="string")v='"'+v+'"';else if(t=="object"&&v!==null)v=JSON.stringify(v);json.push((arr?"":'"'+n+'":')+String(v));}return(arr?"[":"{")+String(json)+(arr?"]":"}");}};xhttp.open("POST",NS_CSM_u,true);xhttp.send(JSON.stringify(cm));}}}}if(window.addEventListener)window.addEventListener("load",sendTimingInfoInit,false);else if(window.attachEvent)window.attachEvent("onload",sendTimingInfoInit);else window.onload=sendTimingInfoInit;</script></head>
<body ng-app="instantCepApp">

<!--[if lt IE 11]>
<p class="browsehappy">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade
	your browser</a> to improve your experience.</p>
<![endif]-->

<!-- Place your own header here. -->

<!-- start:delete this for production -->
<!--
<div class="container well">
	<h1>Welcome to your fresh CEP-instance</h1>
	Please retrieve an authorization token and an assessment ID from the <code>cep-integration-service</code> via your portal back end and paste those values here.
	In production mode, you should not navigate to this page but to the direct URL (including the assessment ID) directly. Please delete this section in production mode.
	<br/>
	<div class="row">
		<div class="col-sm-6"><input type="text" class="form-control" id="auth" placeholder="Authorization Token"></div>
		<div class="col-sm-4"><input type="text" class="form-control" id="asid" placeholder="Assessment-ID"></div>
		<div class="col-sm-1"><input type="text" class="form-control" id="lang" placeholder="Language Code"></div>
		<div class="col-sm-1">
			<button class="btn btn-primary" type="button"
				onclick="javascript:document.cookie=document.getElementById('auth').value; window.location.hash='/assessment/' + document.getElementById('asid').value + '?lang=' + document.getElementById('lang').value;">Go!</button>
		</div>
	</div>
</div>
-->
<!-- end:delete -->

<h1 align="center">Welcome to the Underwriting Estimator</h1>

<div class="container">
	<div ng-view></div>
</div>

<!-- sources -->
<script src="scripts.js" type="text/javascript"></script>

<!-- assessment.html -->
<script type="text/ng-template" id="views/assessment.html">
	<form>
		<cep-questionnaire assessment="assessment" assessment-id="assessmentId" assessment-role="applicant">
			<after>
				<cep-submit-button submit-function="$parent.submitIfValid"></cep-submit-button>