HTTP/2 301 server: nginx date: Tue, 27 Jan 2026 10:29:25 GMT content-type: text/html; charset=utf-8 content-length: 93 set-cookie: deflect_session=bRuy%2FjZSUFYAAAAAaXihlQ%3D%3D; Path=/; Max-Age=3600; HttpOnly referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains; x-content-type-options: nosniff x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none vary: Accept-Encoding set-cookie: csrftoken=fcQ6WHfnqirwroCapaSJ2X6Lh2Yf9F11; Max-Age=604800; Path=/; SameSite=Lax location: /signin x-server: Deflect.ca (nginx) x-deflect-cache: MISS x-deflect-edge: 26ca84d14c14 HTTP/2 200 server: nginx date: Tue, 27 Jan 2026 10:29:26 GMT content-type: text/html;charset=utf-8 vary: Accept-Encoding vary: Accept-Encoding referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains; x-content-type-options: nosniff x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none vary: Accept-Encoding access-control-allow-origin: * cross-origin-resource-policy: same-origin cross-origin-opener-policy: same-origin cross-origin-embedder-policy: credentialless content-security-policy: base-uri 'none'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src-attr 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' 'strict-dynamic' 'nonce-V2y5eS/w5bacaoGTUEynycTi'; upgrade-insecure-requests; default-src 'self'; connect-src 'self' https://sentry.ouinet.work https://cdn.jsdelivr.net; manifest-src 'self'; origin-agent-cluster: ?1 x-dns-prefetch-control: off permissions-policy: camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=() x-server: Deflect.ca (nginx) x-deflect-cache: MISS x-deflect-edge: 26ca84d14c14 content-encoding: gzip