fix(os-fingerprint): Win timestamps ON + windows_server profile + OS_MANGLE schema

Win10/11 run TCP timestamps ON (nmap SEQ.TS=A); the windows profile had them
OFF, fingerprinting as an ancient stack. Add a windows_server slug (ECN
negotiated, CC=Y) and point the server/DC archetypes at it. Introduce the
OS_MANGLE map (per-slug egress SYN-ACK shape: window, option order, IP-ID
policy) consumed by the new cloak package.

decnet/archetypes.py

@@ -47,7 +47,7 @@ ARCHETYPES: dict[str, Archetype] = {
         description="Windows domain member: SMB, RDP, and LDAP directory",
         services=["smb", "rdp", "ldap"],
         preferred_distros=["debian", "ubuntu22"],
-        nmap_os="windows",
+        nmap_os="windows_server",
     ),
     "domain-controller": Archetype(
         slug="domain-controller",
@@ -55,7 +55,7 @@ ARCHETYPES: dict[str, Archetype] = {
         description="Active Directory DC: LDAP, SMB, RDP, LLMNR",
         services=["ldap", "smb", "rdp", "llmnr"],
         preferred_distros=["debian", "ubuntu22"],
-        nmap_os="windows",
+        nmap_os="windows_server",
     ),
     "linux-server": Archetype(
         slug="linux-server",