urlscan.io logo urlscan.io
SecurityTrails logo

checkin.copaair.com Open in urlscan Pro
107.154.76.229  Public Scan

Go To Rescan Add Verdict Report
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flig...
Submission Tags: falconsandbox
Submission: On March 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 54 HTTP transactions. The main IP is 107.154.76.229, located in United States and belongs to INCAPSULA, US. The main domain is checkin.copaair.com. The Cisco Umbrella rank of the primary domain is 711678.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 19th 2023. Valid for: a year.
This is the only time checkin.copaair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

27    107.154.76.229 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.76.229.ip.incapdns.net
checkin.copaair.com
secure.copaair.com
seats.copaair.com
api.copaair.com
5    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
7    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700:3034::ac43:a57f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.lr-in-prod.com
1    2600:1f10:4587:7500:52f:324d:b45f:b7d8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
capig.entravision.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.198.23.205 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com
r.lr-in-prod.com
Apex Domain
Subdomains		 Transfer
27 copaair.com
checkin.copaair.com — Cisco Umbrella Rank: 711678
secure.copaair.com — Cisco Umbrella Rank: 762034
seats.copaair.com — Cisco Umbrella Rank: 474079
api.copaair.com — Cisco Umbrella Rank: 229361
2 MB
8 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2089
www.google-analytics.com — Cisco Umbrella Rank: 29
22 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
402 KB
3 lr-in-prod.com
cdn.lr-in-prod.com — Cisco Umbrella Rank: 18203
r.lr-in-prod.com — Cisco Umbrella Rank: 17945
165 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
150 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
274 B
1 entravision.com
capig.entravision.com — Cisco Umbrella Rank: 296714
343 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
247 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2656
54 B
0 google.de Failed
www.google.de Failed
54 11
Domain Requested by
14 checkin.copaair.com checkin.copaair.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
checkin.copaair.com
6 seats.copaair.com checkin.copaair.com
seats.copaair.com
6 secure.copaair.com checkin.copaair.com
secure.copaair.com
5 www.googletagmanager.com checkin.copaair.com
www.googletagmanager.com
2 r.lr-in-prod.com cdn.lr-in-prod.com
2 fonts.googleapis.com seats.copaair.com
secure.copaair.com
2 connect.facebook.net checkin.copaair.com
connect.facebook.net
1 www.facebook.com checkin.copaair.com
1 capig.entravision.com checkin.copaair.com
1 api.copaair.com checkin.copaair.com
1 cdn.lr-in-prod.com checkin.copaair.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
0 www.google.de Failed checkin.copaair.com
54 16

This site contains links to these domains. Also see Links.

Domain
www.copaair.com
Subject Issuer Validity Valid
checkin.copaair.com
Sectigo RSA Organization Validation Secure Server CA		 2023-09-19 -
2024-09-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-19 -
2024-03-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
lr-in-prod.com
GTS CA 1P5		 2024-02-14 -
2024-05-14		 3 months crt.sh
secure.copaair.com
Sectigo RSA Organization Validation Secure Server CA		 2023-09-19 -
2024-09-18		 a year crt.sh
seats.copaair.com
Sectigo RSA Organization Validation Secure Server CA		 2023-05-09 -
2024-05-08		 a year crt.sh
api.copaair.com
Sectigo RSA Organization Validation Secure Server CA		 2023-09-19 -
2024-09-18		 a year crt.sh
capig.entravision.com
R3		 2024-02-07 -
2024-05-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
api.logrocket.com
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Frame ID: BD065145A2B8839F27121028DA98991E
Requests: 38 HTTP requests in this frame

Frame: https://secure.copaair.com/
Frame ID: 6C5865EE66F6C13F442A08704A14D0C7
Requests: 5 HTTP requests in this frame

Frame: https://seats.copaair.com/
Frame ID: 8E4474AB3D80947513326AFF599251AC
Requests: 5 HTTP requests in this frame

Frame: https://seats.copaair.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=11-68339473-0%20NNNN%20RT%281710111313333%2024%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B15%2814%2c0%2c0%29%20U12&incident_id=9197001600297182454-404245698346559499&edet=15&cinfo=0e000000d61a&rpinfo=0&mth=GET
Frame ID: 6C6E2CE56E513A2E7A47DEEE9A5BF5CB
Requests: 2 HTTP requests in this frame

Frame: https://secure.copaair.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-81763955-0%20NNNN%20RT%281710111313333%2025%29%20q%280%20-1%20-1%202%29%20r%280%20-1%29%20B15%2814%2c0%2c0%29%20U12&incident_id=9197001600297182455-511861266498529293&edet=15&cinfo=0e000000d67c&rpinfo=0&mth=GET
Frame ID: 8058DF93F0E3142A4280376872BDC509
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Copa Airlines

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

54
Requests

94 %
HTTPS

82 %
IPv6

11
Domains

16
Subdomains

12
IPs

3
Countries

2820 kB
Transfer

10173 kB
Size

25
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request boarding-pass
checkin.copaair.com/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
b5ac668b4ddef0075d6104e19203fed3bbbebd0d60a3451a15f532b62f1fd815
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
content-type
text/html
date
Sun, 10 Mar 2024 22:55:13 GMT
etag
W/"b8ac39d2e175fff18e6e22550a5be904"
last-modified
Wed, 07 Feb 2024 15:07:12 GMT
referrer-policy
same-origin
server
copa
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
x-amz-cf-id
brbJeKnJcLMCFKtiX_eCRkcg3K71WzMjSjXqpxeXErlbrcLn82bQVQ==
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
9-49545278-49454068 pNNy RT(1710111312107 22) q(0 0 0 2) r(2 2) U12
x-xss-protection
1; mode=block
physickes-So-Inne-Raine-Manhoole-for-his-the-don
checkin.copaair.com/ 		229 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkin.copaair.com/physickes-So-Inne-Raine-Manhoole-for-his-the-don
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
bon /
Resource Hash
ddfac692dba5aef0a11c97c41602329bf116c4156db7c2f2c5b91e041ce67695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:55:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
bon
x-cdn
Imperva
content-type
text/javascript
access-control-allow-origin
*
x-iinfo
9-49545278-49545297 NNNN CT(2 4 0) RT(1710111312107 246) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
server-timing
bon, total;dur=13.21999
content-length
74403
main.e32540d4.js
checkin.copaair.com/static/js/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkin.copaair.com/static/js/main.e32540d4.js
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
2e097c49442cf9575a571518a17a0e6b5b99993d5c9d9b16f99215c1dc764690
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
x-content-type-options
nosniff
date
Sun, 10 Mar 2024 17:44:32 GMT
content-encoding
gzip
x-cdn
Imperva
via
1.1 b5e757a7da6f6fe6261f56a8a9646880.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
age
18641
x-cache
Hit from cloudfront
x-iinfo
9-49545278-49367569 pNNy RT(1710111312107 248) q(0 0 0 -1) r(1 1) U12
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 07 Feb 2024 15:07:08 GMT
server
copa
etag
W/"a070fc6befaef82e07a41b0033cce9df"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=604800
x-amz-cf-id
Iyo-o8t-FhnJbMAWPGGGz91vG_gzPG4eNNGQnYR0bv2vfqWhredDTQ==
main.69a76557.css
checkin.copaair.com/static/css/ 		272 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://checkin.copaair.com/static/css/main.69a76557.css
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
b5d6b0d06fc47e4b258b5318f38bc1018247b5f9f08c9ffca2d2ce8a5db550d1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 03:48:22 GMT
content-encoding
gzip
x-cdn
Imperva
via
1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
age
155211
x-cache
Hit from cloudfront
x-iinfo
9-49545278-49454068 pNNy RT(1710111312107 242) q(0 0 0 -1) r(1 1) U12
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 07 Feb 2024 15:07:08 GMT
server
copa
etag
W/"7cb620b8b830808d6d4a699837bdd4bc"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=604800
x-amz-cf-id
rdsIrEqCf3DElc9zglvTS02X2f3ih-yPKj-6BhgSRimY_srZv5-ltw==
_Incapsula_Resource
checkin.copaair.com/ 		155 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkin.copaair.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1662339735
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
/
Resource Hash
0b9d810265fd3ae713828cdebb9eaf3188afcfdf7ca0a2da0b1450729471af4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
22323
content-type
application/javascript
gtm.js
www.googletagmanager.com/ 		204 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W7LP39P
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c70eae10203554a9593b1b4984d1b12df9d08b31efde614d52355ebbf65596b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:55:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72874
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 10 Mar 2024 22:55:12 GMT
_Incapsula_Resource
checkin.copaair.com/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://checkin.copaair.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7894712563514805
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
js
www.googletagmanager.com/gtag/ 		237 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R4PMF3F8Y8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7LP39P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3969534288019ae6f46aca8a413149edbcccb10c1e810960fed5ec2dd2bf5028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:55:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85964
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 10 Mar 2024 22:55:12 GMT
gtm.js
www.googletagmanager.com/ 		292 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WN6DPSK&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7LP39P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
107c536048df698e054fd2fcd8c638edc2b727f6afc4587c3acbffed41e10d5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:55:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94190
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 10 Mar 2024 22:55:12 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R4PMF3F8Y8&gtm=45je4360v882754963z8832081426za200&_p=1710111312752&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=849167534.1710111313&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fcheckin.copaair.com%2Fboarding-pass&sid=1710111312&sct=1&seg=0&dt=Copa%20Airlines&en=page_load_time&_fv=1&_nsi=1&_ss=1&epn.loading_time_ms=464.3000011444092&ep.custom_event_additional_details=loading_time_ms&tfd=541
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R4PMF3F8Y8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 22:55:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkin.copaair.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		245 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SEJ8DB2YNH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WN6DPSK&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28991dea7693c4f02233203db2bdc9f913d9f0efb646af491fa9a08b8f69e2b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:55:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87152
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 10 Mar 2024 22:55:13 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WN6DPSK&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 10 Mar 2024 21:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4591
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 10 Mar 2024 23:38:42 GMT
fbevents.js
connect.facebook.net/en_US/ 		215 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 10 Mar 2024 22:55:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1294, tbw=2766, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
1qLJ1ccjfjX3fW1ZdP2fWhpl1nwQPB8JjRmgLsPcOU4ldFZwVF/1XUU8t/MY8hIZIv1mPKwBw81zuvZdwfVRqg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		190 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8053303
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WN6DPSK&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56c037da55b611a2cef4fac67ea0020954bd39ad7a5b7b2ac4d2f59a3a77cde1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:55:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71064
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 10 Mar 2024 22:55:13 GMT
physickes-So-Inne-Raine-Manhoole-for-his-the-don
checkin.copaair.com/ 		731 B
902 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://checkin.copaair.com/physickes-So-Inne-Raine-Manhoole-for-his-the-don?d=checkin.copaair.com
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/physickes-So-Inne-Raine-Manhoole-for-his-the-don
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
bon /
Resource Hash
870e93c6243968c014a5f69646e12aae36145f617c7f9536af438a3627e78894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json; charset=utf-8
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Sun, 10 Mar 2024 22:55:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
9-49545278-49545297 PNYN RT(1710111312107 569) q(0 0 0 -1) r(1 1) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=55.924383
collect
www.google-analytics.com/j/ 		3 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1255744539&t=pageview&_s=1&dl=https%3A%2F%2Fcheckin.copaair.com%2Fboarding-pass%3Fpnr%3DBAJWET%26departure%3DGRU%26name%3DMARCELAMAYUMIFUJIMMRS%2520RODRIGUES%26time%3D6h%252057m%26flight%3D700&ul=en-us&de=UTF-8&dt=Copa%20Airlines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=528622392&gjid=1811079804&cid=849167534.1710111313&tid=UA-174663766-1&_gid=1098441542.1710111313&_r=1&_slc=1&gtm=45He4360n81WN6DPSKv810371787za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1916246143
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 22:55:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkin.copaair.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1255744539&t=pageview&_s=1&dl=https%3A%2F%2Fcheckin.copaair.com%2Fboarding-pass%3Fpnr%3DBAJWET%26departure%3DGRU%26name%3DMARCELAMAYUMIFUJIMMRS%2520RODRIGUES%26time%3D6h%252057m%26flight%3D700&dp=%2Fboarding-pass&ul=en-us&de=UTF-8&dt=Copa%20Airlines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1946473221&gjid=1624289214&cid=849167534.1710111313&tid=UA-68299719-2&_gid=1098441542.1710111313&_r=1&_slc=1&gtm=45He4360n81WN6DPSKv810371787za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=399216606
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 22:55:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkin.copaair.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-SEJ8DB2YNH&gtm=45je4360v879942716z8810371787za220&_p=1710111312752&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=849167534.1710111313&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fcheckin.copaair.com%2Fboarding-pass&sid=1710111313&sct=1&seg=0&dt=Copa%20Airlines&en=page_view&_fv=1&_ss=1&ep.content_group=Web%20Checkin&ep.custom_page_name=checkin.copaair.com&ep.custom_page_query_params=%3Fpnr%3DBAJWET%26departure%3DGRU%26name%3DMARCELAMAYUMIFUJIMMRS%2520RODRIGUES%26time%3D6h%252057m%26flight%3D700&ep.custom_pnr=&tfd=675
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SEJ8DB2YNH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 22:55:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkin.copaair.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SEJ8DB2YNH&cid=849167534.1710111313&gtm=45je4360v879942716z8810371787za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SEJ8DB2YNH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 22:55:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkin.copaair.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
1669035273361294
connect.facebook.net/signals/config/ 		294 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1669035273361294?v=2.9.148&r=stable&domain=checkin.copaair.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec578d1bfb68efe6dec0a15245607939d8be5c71f03e174f7f6070db40b037c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 10 Mar 2024 22:55:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=64, mss=1294, tbw=62472, tp=-1, tpl=-1, uplat=202, ullat=0
pragma
public
x-fb-debug
5LaDkf/F+KeOgLto2Dkf6RTxzKNrCC/n6H9Q58pL4Ua3byE6xQR8ojf6C9VowQwhv/65FDN1qcm396lRSHBQ8g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
logger-1.min.js
cdn.lr-in-prod.com/ 		833 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lr-in-prod.com/logger-1.min.js
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/static/js/main.e32540d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a57f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1afd4c14480421a77cec441591c9fb3368c64fc39a4234cf5f29c6d5a5e47483
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:55:13 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Fri, 08 Mar 2024 21:12:19 GMT
server
cloudflare
x-timer
S1709932526.496673,VS0,VE2
etag
W/"8419ea933cb1c2d23937ddb6bf7f74aaa960db03e37294340485c1f47e2d052c-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHejHqVqsixibf0VQAPjgt%2BbYFbn2BdR5hDv6TT5wjCstGLZfNAjdRlfcyy09V0cOSbePvflBUB82%2BQp3pbxNM2A%2FSDPUU9XveAdqm6%2B9%2FiqlspflPDs12gIdzB7ft9bpFgDwfjDZxgntpyJeSaTjTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8626e41bca383a68-FRA
x-cache-hits
1
/
secure.copaair.com/ Frame 6C58 		945 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.copaair.com/
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/static/js/main.e32540d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
/
Resource Hash
dd273f9770918157c15119eeab78bcb5babaee0da60bffa1765c391d337a1e0f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
945
content-type
text/html
x-iinfo
13-81763955-0 NNNN RT(1710111313333 25) q(0 -1 -1 2) r(0 -1) B15(14,0,0) U12
x-incap-sess-cookie-hdr
HHVfZT89Fzr3pGlIOlCif1E67mUAAAAAojcxyZTeMyCt/oUpp0lwbw==
/
seats.copaair.com/ Frame 8E44 		945 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://seats.copaair.com/
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/static/js/main.e32540d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
/
Resource Hash
967fa6404084068b1bb6f88cbb2c75e6b82031e4c7c9626c7f4cdbee3d885198

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
945
content-type
text/html
x-iinfo
11-68339473-0 NNNN RT(1710111313333 24) q(0 -1 -1 0) r(0 -1) B15(14,0,0) U12
x-incap-sess-cookie-hdr
MDbvVTpclx32pGlIOlCif1E67mUAAAAA2SNGRHBgB/hk9dsYRoX14A==
BAJWET
api.copaair.com/wci/boardingPass/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.copaair.com/wci/boardingPass/BAJWET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://checkin.copaair.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Authorization,Content-Type,X-Requested-With,X-Forwarded-For,Token,currentLang,Refresh-Token,Channel,agentInfo,Amount,app,currency,flx-correlation-id,gmt,identifier-ffn,isRedemptions,operation,pnr,prices,Rulecode,session-token,Storefront,TransactionIdentifier,Update,userIdentifier,X-Amz-Date,X-Amz-Security-Token,X-Api-Key,error-handler
access-control-allow-methods
OPTIONS, POST, PUT, GET, DELETE
access-control-allow-origin
https://checkin.copaair.com
access-control-max-age
86400
content-length
0
content-type
application/json
date
Sun, 10 Mar 2024 22:55:13 GMT
server
copa
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 b940a336a13496ed7f3754168211e15a.cloudfront.net (CloudFront)
x-amz-apigw-id
Ub4M1FLKIAMEC1Q=
x-amz-cf-id
hLWhk6rFSIoqWIrD6CPjNuTtTM5MJzJIr4Auo9oTGXGiopWl77JmwA==
x-amz-cf-pop
IAD66-C1
x-amzn-remapped-connection
keep-alive
x-amzn-remapped-content-length
0
x-amzn-remapped-date
Sun, 10 Mar 2024 22:55:13 GMT
x-amzn-remapped-server
akka-http/10.2.10
x-amzn-requestid
a6691a7c-6675-4f21-804e-4f683a8e1313
x-cache
Miss from cloudfront
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
12-75125333-75094708 pNNN RT(1710111313342 27) q(0 0 0 0) r(2 2) U24
x-incap-sess-cookie-hdr
VyTBIPmVGUQJpWlIOlCif1E67mUAAAAAcg80bqNlEkzrexoljKYTFA==
SuisseIntl-Medium-WebM.a2ec212cacba9af579b6.woff
checkin.copaair.com/static/media/ 		33 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://checkin.copaair.com/static/media/SuisseIntl-Medium-WebM.a2ec212cacba9af579b6.woff
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/static/css/main.69a76557.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
aa279df3e4c190b51aa05859d16d75ce0dfbe28a2c913fdd440af1877468dba9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkin.copaair.com/static/css/main.69a76557.css
Origin
https://checkin.copaair.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:43:19 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
via
1.1 b5e757a7da6f6fe6261f56a8a9646880.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
IAD89-C1
age
421915
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-iinfo
9-49545278-49367569 pNNy RT(1710111312107 1189) q(0 0 1 -1) r(1 1) U12
content-length
34259
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 07 Feb 2024 15:07:08 GMT
server
copa
etag
"af8bcf4c7181324238e3da30e0b99db9"
content-type
font/woff
cache-control
public,max-age=604800
x-incap-sess-cookie-hdr
X9JDPWZcMWO5n2lIOlCif1E67mUAAAAAHKtiv/tH0vwEZ8/VMa/StQ==
accept-ranges
bytes
x-amz-cf-id
rmBQpwKLuL0PIy8QDl7AEE6RPqeLFv2I1u1_uTfjSPyIYLCMibhfuw==
SuisseIntl-Medium.1e1df1774a21a519d749.woff2
checkin.copaair.com/static/media/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://checkin.copaair.com/static/media/SuisseIntl-Medium.1e1df1774a21a519d749.woff2
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/static/css/main.69a76557.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
3e565d304fa015c8afb9e62d3eb5daac1531f05b52ea532bf4ff37a23d392038
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkin.copaair.com/static/css/main.69a76557.css
Origin
https://checkin.copaair.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 08:21:59 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
via
1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
IAD89-C1
age
570795
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-iinfo
9-49545278-49454068 pNNy RT(1710111312107 1195) q(0 0 0 -1) r(0 0) U12
content-length
19628
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 07 Feb 2024 15:07:09 GMT
server
copa
etag
"2dee32f5857c99d9637c71d99845d82f"
content-type
font/woff2
cache-control
public,max-age=604800
x-incap-sess-cookie-hdr
y5OUFJFPzk25n2lIOlCif1E67mUAAAAAg1ljkbP9CfE2uzt+SuC/mw==
accept-ranges
bytes
x-amz-cf-id
PWbNs4LU6Iqg_9lPqWD4zcT2fQpGr9pHeCk8tSTBOvAaC-CaW5P_0Q==
SuisseIntl-Light-WebXL.29b5c5a2d0f903cf4850.woff
checkin.copaair.com/static/media/ 		83 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://checkin.copaair.com/static/media/SuisseIntl-Light-WebXL.29b5c5a2d0f903cf4850.woff
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/static/css/main.69a76557.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
c02b6c473ad5d206ff470edc5c932a87e45946da3006fa1b396723c6177b7140
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkin.copaair.com/static/css/main.69a76557.css
Origin
https://checkin.copaair.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
x-content-type-options
nosniff
date
Fri, 08 Mar 2024 14:09:41 GMT
via
1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
IAD89-C1
age
204333
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-iinfo
9-49545278-49367802 pNNN RT(1710111312107 1201) q(0 0 0 -1) r(1 1) U12
content-length
85415
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 07 Feb 2024 15:07:08 GMT
server
copa
etag
"13c3d79fc7b946b2b79b643d41584f55"
vary
Accept-Encoding
content-type
font/woff
cache-control
public,max-age=604800
x-incap-sess-cookie-hdr
f4ykeZ5HSj25n2lIOlCif1E67mUAAAAAjNilbT+g+yd2BUGiCMqEGA==
accept-ranges
bytes
x-amz-cf-id
QfB-qEGN4O__A6v6ja5YzjFzactbbog_nNvlp4E4qr2YzhTOcU-9qw==
info_icon.7f69c082f191be04d5948e8f2a547390.svg
checkin.copaair.com/static/media/ 		600 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://checkin.copaair.com/static/media/info_icon.7f69c082f191be04d5948e8f2a547390.svg
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
733ab6e9801a2ff3915579ce951c32e9f75e4e5639b8bd15ba4e92a2d2401cd7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 14:42:19 GMT
via
1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
IAD89-C1
age
121349
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-cache
Hit from cloudfront
x-iinfo
9-49545278-49526029 pNYy RT(1710111312107 1204) q(0 0 0 -1) r(1 1) U12
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 07 Feb 2024 15:07:10 GMT
server
copa
etag
"6e88a155336e2dfaf06069625866145f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=604800
accept-ranges
bytes
x-amz-cf-id
U_s2dvNox-0HhDmPqNNYSGztTzr9D5bW5YxKaVNiRyN3S3VqDpcvcg==
close-icon.b25d9ecfd8ca6b559cc1b40cdb781415.svg
checkin.copaair.com/static/media/ 		1001 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://checkin.copaair.com/static/media/close-icon.b25d9ecfd8ca6b559cc1b40cdb781415.svg
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
73102bb420d9f15c2140e482e302daf77f187bfb20bf6d2dc798fd8f6f3583ef
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 13:12:45 GMT
content-encoding
gzip
x-cdn
Imperva
via
1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
age
121349
x-cache
Hit from cloudfront
x-iinfo
9-49545278-49454070 pNNN RT(1710111312107 1208) q(0 0 0 -1) r(1 1) U12
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 07 Feb 2024 15:07:10 GMT
server
copa
etag
W/"a1ce6af733daa9a29b08089c039850a2"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=604800
x-amz-cf-id
VlEZjkCX_mJ0TGKaTzzJyydPe5v83QotvxpjpCYAF8kROoHEfvjorw==
info_icon_blue.0c8fbba6a25ec3240b20209bf8b57e81.svg
checkin.copaair.com/static/media/ 		1 KB
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://checkin.copaair.com/static/media/info_icon_blue.0c8fbba6a25ec3240b20209bf8b57e81.svg
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
98098c8dcecbd5de850ca12911ff2abce2d5e23de0cc3c9b8b6077c7d011a7a5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 08:21:59 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
content-encoding
gzip
x-cdn
Imperva
via
1.1 824fe21e467658628899bdd8725649ee.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
age
570795
x-cache
Hit from cloudfront
x-iinfo
9-49545278-49483983 pNNy RT(1710111312107 1211) q(0 0 0 -1) r(1 1) U12
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 07 Feb 2024 15:07:10 GMT
server
copa
etag
W/"e01373c332985eb9f0a87408564b08a4"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=604800
x-amz-cf-id
NmGSnXzZGics7uhoVFywckW4dvE_5HFvFPPQHM64HQOVmh5TG5UGEw==
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1255744539&t=pageview&_s=1&dl=https%3A%2F%2Fcheckin.copaair.com%2Fboarding-pass%3Fpnr%3DBAJWET%26departure%3DGRU%26name%3DMARCELAMAYUMIFUJIMMRS%2520RODRIGUES%26time%3D6h%252057m%26flight%3D700&dp=%2Fboarding-pass&ul=en-us&de=UTF-8&dt=Copa%20Airlines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=849167534.1710111313&tid=UA-68299719-2&_gid=1098441542.1710111313&gtm=45He4360n81WN6DPSKv810371787za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=951027191
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 21:25:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5394
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1255744539&t=pageview&_s=1&dl=https%3A%2F%2Fcheckin.copaair.com%2Fboarding-pass%3Fpnr%3DBAJWET%26departure%3DGRU%26name%3DMARCELAMAYUMIFUJIMMRS%2520RODRIGUES%26time%3D6h%252057m%26flight%3D700&dp=%2Fboarding-pass&ul=en-us&de=UTF-8&dt=Copa%20Airlines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=849167534.1710111313&tid=UA-68299719-2&_gid=1098441542.1710111313&gtm=45He4360n81WN6DPSKv810371787za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=598069895
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 21:25:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5394
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
BAJWET
api.copaair.com/wci/boardingPass/ 		0
0
copa_loader.a8a15ac58a6cb1549423.gif
checkin.copaair.com/static/media/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://checkin.copaair.com/static/media/copa_loader.a8a15ac58a6cb1549423.gif
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
copa /
Resource Hash
8675a8ab2e2f910adad10aada15aa20011cb2a054e1c7c5e05dd826fbabcba9b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
x-content-type-options
nosniff
date
Sun, 10 Mar 2024 15:51:22 GMT
via
1.1 b5e757a7da6f6fe6261f56a8a9646880.cloudfront.net (CloudFront)
x-cdn
Imperva
x-amz-cf-pop
IAD89-C1
age
25432
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-iinfo
9-49545278-49367569 pNNy RT(1710111312107 1215) q(0 0 0 -1) r(1 1) U12
content-length
126671
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 07 Feb 2024 15:07:10 GMT
server
copa
etag
"f2b3543b18d684faa99f68b8559692c0"
vary
Accept-Encoding
content-type
image/gif
cache-control
public,max-age=604800
accept-ranges
bytes
x-amz-cf-id
aeRicebA7BkmN4kIQKL6YuntbhEQ7bBoBYrnDuHH_fKQ4XlPXnoorQ==
events
capig.entravision.com/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capig.entravision.com/events
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/static/js/main.e32540d4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f10:4587:7500:52f:324d:b45f:b7d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://checkin.copaair.com
date
Sun, 10 Mar 2024 22:55:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1669035273361294&ev=PageView&dl=https%3A%2F%2Fcheckin.copaair.com%2Fboarding-pass%3Fpnr%3DBAJWET%26departure%3DGRU%26name%3DMARCELAMAYUMIFUJIMMRS%2520RODRIGUES%26time%3D6h%252057m%26flight%3D700&rl=&if=false&ts=1710111313772&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1710111313770.2135793642&eid=ob3_plugin-set_1a997291f99a30d788c1091ac92230a3c589f070b63ad5e54cab8eada24ddfe1&cs_est=true&ler=empty&cdl=API_unavailable&it=1710111313152&coo=false&rqm=GET
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1294, tbw=2759, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 10 Mar 2024 22:55:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
_Incapsula_Resource
seats.copaair.com/ Frame 8E44 		157 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seats.copaair.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: seats.copaair.com
URL: https://seats.copaair.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
/
Resource Hash
ca7bf35da4a2a6b0db922106ee7d90be8640c01c669026b043f933b13653b0a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://seats.copaair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
22732
content-type
application/javascript
ltogeth-Minders-were-And-you-speaking-Macb-Glamo
seats.copaair.com/ Frame 8E44 		238 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seats.copaair.com/ltogeth-Minders-were-And-you-speaking-Macb-Glamo
Requested by
Host: seats.copaair.com
URL: https://seats.copaair.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
bon /
Resource Hash
90eebf172c1b8a01d85ecaccb117ca58cdfdda0ee5e0c78be65c16acec4822b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://seats.copaair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:55:13 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
text/javascript
access-control-allow-origin
*
x-iinfo
12-75125350-75125357 NNNN CT(3 4 0) RT(1710111313428 32) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
server-timing
bon, total;dur=13.434673
content-length
77421
_Incapsula_Resource
secure.copaair.com/ Frame 6C58 		158 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.copaair.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: secure.copaair.com
URL: https://secure.copaair.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
/
Resource Hash
e533c0216dd6b86f341fa56b66373d67b9f588d620925859c525e8b4952fa134

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.copaair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
22816
content-type
application/javascript
p-As-the-Ented-their-Patch-to-all-Curs-Weepe-Th-
secure.copaair.com/ Frame 6C58 		229 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.copaair.com/p-As-the-Ented-their-Patch-to-all-Curs-Weepe-Th-
Requested by
Host: secure.copaair.com
URL: https://secure.copaair.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
bon /
Resource Hash
a7f2916631013f6c073d520b8890e59d5e9fd595f2f914c1a970c55c85c83f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.copaair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:55:13 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
text/javascript
access-control-allow-origin
*
x-iinfo
5-21555531-21555534 NNNN CT(3 4 0) RT(1710111313429 32) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
server-timing
bon, total;dur=13.640727
content-length
74403
e93200dc-587d-4613-9877-7eec41ec82f3
https://checkin.copaair.com/ 		463 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://checkin.copaair.com/e93200dc-587d-4613-9877-7eec41ec82f3
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffae9431def3390a1dc09d80a41f9c224affd01ad64970dc157790e9dbdf7721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
474307
Content-Type
_Incapsula_Resource
seats.copaair.com/ Frame 8E44 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seats.copaair.com/_Incapsula_Resource?SWKMTFSR=1&e=0.28660655115225975
Requested by
Host: seats.copaair.com
URL: https://seats.copaair.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://seats.copaair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
_Incapsula_Resource
secure.copaair.com/ Frame 6C58 		1 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.copaair.com/_Incapsula_Resource?SWKMTFSR=1&e=0.26645488692689234
Requested by
Host: secure.copaair.com
URL: https://secure.copaair.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.copaair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
_Incapsula_Resource
seats.copaair.com/ Frame 6C6E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://seats.copaair.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=11-68339473-0%20NNNN%20RT%281710111313333%2024%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B15%2814%2c0%2c0%29%20U12&incident_id=9197001600297182454-404245698346559499&edet=15&cinfo=0e000000d61a&rpinfo=0&mth=GET
Requested by
Host: seats.copaair.com
URL: https://seats.copaair.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
/
Resource Hash
45e70f6420edead64acba51da8f7b992af700a6ead49f8885fecacac711d1d71

Request headers

Referer
https://seats.copaair.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
3746
content-type
text/html
x-robots-tag
noindex
_Incapsula_Resource
secure.copaair.com/ Frame 8058 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.copaair.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-81763955-0%20NNNN%20RT%281710111313333%2025%29%20q%280%20-1%20-1%202%29%20r%280%20-1%29%20B15%2814%2c0%2c0%29%20U12&incident_id=9197001600297182455-511861266498529293&edet=15&cinfo=0e000000d67c&rpinfo=0&mth=GET
Requested by
Host: secure.copaair.com
URL: https://secure.copaair.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
/
Resource Hash
445ffa46efe4ac583389984235653f38e6b8b03e03ddc141825a520a900066f4

Request headers

Referer
https://secure.copaair.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
3747
content-type
text/html
x-robots-tag
noindex
css2
fonts.googleapis.com/ Frame 6C6E 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Requested by
Host: seats.copaair.com
URL: https://seats.copaair.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=11-68339473-0%20NNNN%20RT%281710111313333%2024%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B15%2814%2c0%2c0%29%20U12&incident_id=9197001600297182454-404245698346559499&edet=15&cinfo=0e000000d61a&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79d08edb5b23fcc8da45fcc77210c8e18771fcf3876dda7d2596cb3ed0512333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://seats.copaair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Mar 2024 22:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 21:04:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Mar 2024 22:55:14 GMT
css2
fonts.googleapis.com/ Frame 8058 		9 KB
821 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Requested by
Host: secure.copaair.com
URL: https://secure.copaair.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-81763955-0%20NNNN%20RT%281710111313333%2025%29%20q%280%20-1%20-1%202%29%20r%280%20-1%29%20B15%2814%2c0%2c0%29%20U12&incident_id=9197001600297182455-511861266498529293&edet=15&cinfo=0e000000d67c&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79d08edb5b23fcc8da45fcc77210c8e18771fcf3876dda7d2596cb3ed0512333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.copaair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Mar 2024 22:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 22:50:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Mar 2024 22:55:14 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1255744539&t=pageview&_s=1&dl=https%3A%2F%2Fcheckin.copaair.com%2Fboarding-pass%3Fpnr%3DBAJWET%26departure%3DGRU%26name%3DMARCELAMAYUMIFUJIMMRS%2520RODRIGUES%26time%3D6h%252057m%26flight%3D700&dp=%2Fboarding-pass&ul=en-us&de=UTF-8&dt=Copa%20Airlines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=849167534.1710111313&tid=UA-68299719-2&_gid=1098441542.1710111313&gtm=45He4360n81WN6DPSKv810371787za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=655661063
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 21:25:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5395
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1255744539&t=pageview&_s=1&dl=https%3A%2F%2Fcheckin.copaair.com%2Fboarding-pass%3Fpnr%3DBAJWET%26departure%3DGRU%26name%3DMARCELAMAYUMIFUJIMMRS%2520RODRIGUES%26time%3D6h%252057m%26flight%3D700&dp=%2Fboarding-pass&ul=en-us&de=UTF-8&dt=Copa%20Airlines&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=849167534.1710111313&tid=UA-68299719-2&_gid=1098441542.1710111313&gtm=45He4360n81WN6DPSKv810371787za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=277116570
Requested by
Host: checkin.copaair.com
URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 21:25:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5395
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ltogeth-Minders-were-And-you-speaking-Macb-Glamo
seats.copaair.com/ Frame 8E44 		731 B
883 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seats.copaair.com/ltogeth-Minders-were-And-you-speaking-Macb-Glamo?d=seats.copaair.com
Requested by
Host: seats.copaair.com
URL: https://seats.copaair.com/ltogeth-Minders-were-And-you-speaking-Macb-Glamo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
bon /
Resource Hash
bd72c1b84ab3725f30030dffa86bebb4f66e5fc9dbcadc1e06917f8b57079bfa

Request headers

Accept
application/json; charset=utf-8
Referer
https://seats.copaair.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Sun, 10 Mar 2024 22:55:14 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
12-75125350-75125357 PNYN RT(1710111313428 482) q(0 0 0 -1) r(0 0) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=45.814319
p-As-the-Ented-their-Patch-to-all-Curs-Weepe-Th-
secure.copaair.com/ Frame 6C58 		731 B
837 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.copaair.com/p-As-the-Ented-their-Patch-to-all-Curs-Weepe-Th-?d=secure.copaair.com
Requested by
Host: secure.copaair.com
URL: https://secure.copaair.com/p-As-the-Ented-their-Patch-to-all-Curs-Weepe-Th-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.229 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.229.ip.incapdns.net
Software
bon /
Resource Hash
b9bf29bf36c079c1353d70bf6b998767c0864ca6b5a069585b5bf591f6a7cd77

Request headers

Accept
application/json; charset=utf-8
Referer
https://secure.copaair.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Sun, 10 Mar 2024 22:55:14 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
5-21555531-21555534 PNYN RT(1710111313429 568) q(0 0 0 -1) r(1 1) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=47.639540000000004
i
r.lr-in-prod.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://r.lr-in-prod.com/i?a=edny8h%2Fweb-check-in&r=5-cf3cb988-fba7-4e1c-abdd-2222f66c7f24&t=4ab6c727-a431-47c2-a90e-119c9fba9ff8&s=0&rs=0%2Cu&u=a48df082-9163-47d8-ae2b-35eb532c1154&is=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-logrocket-relay-version
Access-Control-Request-Method
POST
Origin
https://checkin.copaair.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
content-length
0
date
Sun, 10 Mar 2024 22:55:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
i
r.lr-in-prod.com/ 		84 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.lr-in-prod.com/i?a=edny8h%2Fweb-check-in&r=5-cf3cb988-fba7-4e1c-abdd-2222f66c7f24&t=4ab6c727-a431-47c2-a90e-119c9fba9ff8&s=0&rs=0%2Cu&u=a48df082-9163-47d8-ae2b-35eb532c1154&is=1
Requested by
Host: cdn.lr-in-prod.com
URL: https://cdn.lr-in-prod.com/logger-1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
X-LogRocket-Relay-Version
2023.12.0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:55:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"16ce8-CaMlwPXQmj9hmJEtc7Ubq5rZaXM"
x-powered-by
Express
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length
93416

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SEJ8DB2YNH&cid=849167534.1710111313&gtm=45je4360v879942716z8810371787za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=773189727
Domain
api.copaair.com
URL
https://api.copaair.com/wci/boardingPass/BAJWET

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| a1_0x3d7e function| a1_0x2aa0 object| reese84 function| reese84interrogator function| initializeProtection function| protectionSubmitCaptcha object| google_tag_manager object| google_tag_data object| gaGlobal function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| pushCustomEvent object| gaplugins object| gaData function| gtag function| _lrMutationObserver function| _lr_surl_cb object| __SDKCONFIG__ function| clearImmediate function| setImmediate function| _ function| saveAs number| 2f1acc6c3a606b082e5eef5e54414ffb function| _lrXMLHttpRequest object| regeneratorRuntime function| _LRLogger boolean| _lr_loaded

25 Cookies

Domain/Path Name / Value
.copaair.com/ Name: nlbi_2819725
Value: at3Xbd0nd1vkLj8M1+vilAAAAADtD8f/NbnhU9odQlS+x2il
.copaair.com/ Name: visid_incap_2819725
Value: wJZsY9zJS+KSx8YFYZ++Y1A67mUAAAAAQUIPAAAAAAA1x1t/pw8g79LRoO0p+L1D
.copaair.com/ Name: incap_ses_9197_2819725
Value: /PoLRiuedWK5n2lIOlCif1A67mUAAAAAR0MDePwv6XSQR63aQac+5g==
.copaair.com/ Name: _ga_R4PMF3F8Y8
Value: GS1.1.1710111312.1.0.1710111312.0.0.0
.copaair.com/ Name: _gid
Value: GA1.2.1098441542.1710111313
.copaair.com/ Name: _gat_UA-174663766-1
Value: 1
.copaair.com/ Name: _gat_UA-68299719-2
Value: 1
.copaair.com/ Name: _gcl_au
Value: 1.1.1188433642.1710111313
.copaair.com/ Name: _ga_SEJ8DB2YNH
Value: GS1.1.1710111313.1.0.1710111313.60.0.0
.copaair.com/ Name: nlbi_2819725_2147483392
Value: VYLKZIum2nHJVXsa1+vilAAAAAAa6xj6KJO6kZj+6kn/tAS9
.copaair.com/ Name: lang
Value: en
.copaair.com/ Name: _ga
Value: GA1.2.849167534.1710111313
.copaair.com/ Name: _fbp
Value: fb.1.1710111313770.2135793642
.copaair.com/ Name: visid_incap_2854160
Value: 4Ao51o7FRNmCfopfINDUJVE67mUAAAAAQUIPAAAAAACr3x2//LhyMuyE9J2+h+Wn
.copaair.com/ Name: incap_ses_9197_2854160
Value: rJ4vE1Rq6VT2pGlIOlCif1E67mUAAAAAAwJg/MYPSzSXl1PFxWvMog==
.copaair.com/ Name: visid_incap_2854161
Value: rjzZ3FUVQC22FPhI3m6/21E67mUAAAAAQUIPAAAAAADC9RtULlLxjsD9xLFjrZN/
.copaair.com/ Name: incap_ses_9197_2854161
Value: qaubbfFB+0f3pGlIOlCif1E67mUAAAAAFwCYRLz7MEVJp/D8b3aIJg==
.copaair.com/ Name: Y29wYWFpci5jb20%3D-_lr_tabs_-edny8h%2Fweb-check-in
Value: {%22sessionID%22:0%2C%22recordingID%22:%225-cf3cb988-fba7-4e1c-abdd-2222f66c7f24%22%2C%22webViewID%22:null%2C%22lastActivity%22:1710111313797}
.copaair.com/ Name: Y29wYWFpci5jb20%3D-_lr_hb_-edny8h%2Fweb-check-in
Value: {%22heartbeat%22:1710111313797}
.copaair.com/ Name: Y29wYWFpci5jb20%3D-_lr_uf_-edny8h
Value: 7602bfe5-d4a2-484f-9f3b-a464756293a1
.copaair.com/ Name: visid_incap_2819721
Value: kWiRhtCCQyKxbJkcuiZzqVE67mUAAAAAQUIPAAAAAAAKIKqa4bpBGwOnadUB082B
.copaair.com/ Name: incap_ses_9197_2819721
Value: xPQiVKNd6UMJpWlIOlCif1E67mUAAAAAl2FwSOCXegJDeQiHk9vtvA==
.copaair.com/ Name: nlbi_2854160_2147483392
Value: h122VKz1gQ+k6Nc9LlYrFQAAAACJ4fUUWOu5Rmnz1x2sbceW
.copaair.com/ Name: nlbi_2854161_2147483392
Value: PTzrQ5vRlg4uR2eEUYplAAAAAADeeXHZRDuDV++n1gIKCCtk
.copaair.com/ Name: reese84
Value: 3:0qaIoBBHC86gMwEux0wP/w==:hPFxf++lgyqvADFOJaG65cLTG0sMi7sHZmmCVoNKfNBK1QIxKcqc9KwTBdR8ILQQb2XhASSvHFucujyCJGeUPAuyap9urFmHXxwYqlmn9MfBrZf6vibkWLcaNbcXSJjWVmVDyxNYLjfI68KXnfsMvctWq6Oqj/j+czqD5By8tQ2aI3ojtTGRvS8Y8lxHHssrS1IpZWeYrbA666RiaezHoJusFhhr2nZ/fdEkaOUgIboaggLcFeIf938gQ6YQ+CqUVq8Qp0spUuvFCabxKUn+nnDV8gbO+/p3KBqTWE/5ujp0/3afGCJ2hUx2j62GvVwQvtQOh0ywaYVhLDa9b10cmmLUTtIHFuxkYwsQpaYXGWPLZK6tQBB9Mr2zMN1G7fZh7Uzu6Trdzfu8Ibbz0OhXUGA2ZJGykkZLDAFLAws5xpljdkMG9K8PNXQIkMmoqsqQ+aKDOmGVJyHUcsKNu7nYKKKCFigVo6Z3skN3nr37J04tgWMWIw+1RQY6f+BZKVY02f54CYnAUN8SQ223Z0YD1xRve9/vRKdbM3xThVVcMCBAT+bhLHUve5CafDTrRK3iLK5o0GNr3FYufdN7+WSQKg==:iV6fhWxhCWkzf4LY0fJQegP+v3saT/5EQR/4i41oSjI=

6 Console Messages

Source Level URL
Text
security error URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SEJ8DB2YNH&cid=849167534.1710111313&gtm=45je4360v879942716z8810371787za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=773189727' because it violates the following Content Security Policy directive: "default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
other warning URL: https://connect.facebook.net/signals/config/1669035273361294?v=2.9.148&r=stable&domain=checkin.copaair.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 118)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://seats.copaair.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.copaair.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://checkin.copaair.com/boarding-pass?pnr=BAJWET&departure=GRU&name=MARCELAMAYUMIFUJIMMRS%20RODRIGUES&time=6h%2057m&flight=700
Message:
Access to XMLHttpRequest at 'https://api.copaair.com/wci/boardingPass/BAJWET' from origin 'https://checkin.copaair.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.copaair.com/wci/boardingPass/BAJWET
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.a3cloud.net https://*.adnxs.com https://*.analytics.yahoo.com https://*.bing.com https://*.cartrawler.com https://*.cloudfront.net https://*.copaair.com https://*.directus.app https://*.doubleclick.net https://*.dynatrace.com https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.ca https://*.google.com https://*.google.com.co https://*.google.com.mx https://*.google.com.pa https://*.googletagmanager.com https://*.groovinads.com https://*.imgix.net https://*.ingest-lr.com https://*.lr-in-prod.com https://*.lr-in.com https://*.lr-ingest.io https://*.online-metrix.net https://*.paypal.com https://*.safetypay.com https://*.perfdrive.com https://*.qualtrics.com https://*.s3.amazonaws.com https://*.s4n.co https://*.securitytrfx.com https://*.sojern.com https://*.trackedweb.net https://*.uplift-platform.com https://*.uplift.com https://ads.travelaudience.com https://capig.entravision.com https://everymundo.github.io https://fonts.googleapis.com https://i.ctnsnet.com https://insight.adsrvr.org https://s3.amazonaws.com https://*.regulaforensics.com https://www.googleadservices.com wss://websocket.copa.s4n.co wss://p42aspfrbb.execute-api.us-east-1.amazonaws.com wss://d-bgco25mg75.execute-api.us-east-1.amazonaws.com https://www.googleoptimize.com https://www.kayak.com data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self' https://*.s4n.co https://*.copaair.com
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.copaair.com
capig.entravision.com
cdn.lr-in-prod.com
checkin.copaair.com
connect.facebook.net
fonts.googleapis.com
r.lr-in-prod.com
region1.analytics.google.com
region1.google-analytics.com
seats.copaair.com
secure.copaair.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
api.copaair.com
www.google.de
104.198.23.205
107.154.76.229
2001:4860:4802:34::36
2001:4860:4802:36::178
2600:1f10:4587:7500:52f:324d:b45f:b7d8
2606:4700:3034::ac43:a57f
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2008
2a00:1450:400c:c00::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
0b9d810265fd3ae713828cdebb9eaf3188afcfdf7ca0a2da0b1450729471af4e
107c536048df698e054fd2fcd8c638edc2b727f6afc4587c3acbffed41e10d5d
1afd4c14480421a77cec441591c9fb3368c64fc39a4234cf5f29c6d5a5e47483
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
28991dea7693c4f02233203db2bdc9f913d9f0efb646af491fa9a08b8f69e2b7
2e097c49442cf9575a571518a17a0e6b5b99993d5c9d9b16f99215c1dc764690
3969534288019ae6f46aca8a413149edbcccb10c1e810960fed5ec2dd2bf5028
3e565d304fa015c8afb9e62d3eb5daac1531f05b52ea532bf4ff37a23d392038
445ffa46efe4ac583389984235653f38e6b8b03e03ddc141825a520a900066f4
45e70f6420edead64acba51da8f7b992af700a6ead49f8885fecacac711d1d71
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
56c037da55b611a2cef4fac67ea0020954bd39ad7a5b7b2ac4d2f59a3a77cde1
73102bb420d9f15c2140e482e302daf77f187bfb20bf6d2dc798fd8f6f3583ef
733ab6e9801a2ff3915579ce951c32e9f75e4e5639b8bd15ba4e92a2d2401cd7
79d08edb5b23fcc8da45fcc77210c8e18771fcf3876dda7d2596cb3ed0512333
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8675a8ab2e2f910adad10aada15aa20011cb2a054e1c7c5e05dd826fbabcba9b
870e93c6243968c014a5f69646e12aae36145f617c7f9536af438a3627e78894
90eebf172c1b8a01d85ecaccb117ca58cdfdda0ee5e0c78be65c16acec4822b2
967fa6404084068b1bb6f88cbb2c75e6b82031e4c7c9626c7f4cdbee3d885198
98098c8dcecbd5de850ca12911ff2abce2d5e23de0cc3c9b8b6077c7d011a7a5
a7f2916631013f6c073d520b8890e59d5e9fd595f2f914c1a970c55c85c83f37
aa279df3e4c190b51aa05859d16d75ce0dfbe28a2c913fdd440af1877468dba9
b5ac668b4ddef0075d6104e19203fed3bbbebd0d60a3451a15f532b62f1fd815
b5d6b0d06fc47e4b258b5318f38bc1018247b5f9f08c9ffca2d2ce8a5db550d1
b9bf29bf36c079c1353d70bf6b998767c0864ca6b5a069585b5bf591f6a7cd77
bd72c1b84ab3725f30030dffa86bebb4f66e5fc9dbcadc1e06917f8b57079bfa
c02b6c473ad5d206ff470edc5c932a87e45946da3006fa1b396723c6177b7140
c70eae10203554a9593b1b4984d1b12df9d08b31efde614d52355ebbf65596b2
ca7bf35da4a2a6b0db922106ee7d90be8640c01c669026b043f933b13653b0a6
dd273f9770918157c15119eeab78bcb5babaee0da60bffa1765c391d337a1e0f
ddfac692dba5aef0a11c97c41602329bf116c4156db7c2f2c5b91e041ce67695
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e533c0216dd6b86f341fa56b66373d67b9f588d620925859c525e8b4952fa134
ec578d1bfb68efe6dec0a15245607939d8be5c71f03e174f7f6070db40b037c4
ffae9431def3390a1dc09d80a41f9c224affd01ad64970dc157790e9dbdf7721