Set-Cookie: GUEST_LANGUAGE_ID=es_ES; Expires=Tue, 08-Jan-2064 15:19:58 GMT; Path=/; HttpOnly
Content-Security-Policy: default-src 'self' https://*.copaair.com http://*.copaair.com https://*.copa.com http://*.copa.com https://*.copaair.com http://*.copaair.com https://*.copa.com http://*.copa.com https://*.google.com https://*.google.com.co https://*.google.sk http://*.googletagmanager.com https://*.gstatic.com http://*.google-analytics.com http://*.google-analytics.co https://*.googleapis.com http://*.trackedlink.net http://*.facebook.net https://*.facebook.com http://*.facebook.com http://*.bing.com http://trackedweb.net https://*.w55c.net http://*.w55c.net http://*.msn.com http://*.adnxs.com http://*.qualtrics.com http://*.doubleclick.net https://*.flightview.com http://*.innosked.com https://*.innosked.com http://*.intelliresponse.com https://*.intelliresponse.com http://*.frequentflyer.aero https://*.frequentflyer.aero https://*.fltmaps.com http://*.fltmaps.com https://*.nbxapps.com http://panamaesposible.com http://miparaisoatlantis.com http://*.googleadservices.com http://*.havasdigitalcolombia.com https://*.havasdigitalcolombia.com http://*.youtube.com https://*.youtube.com https://*.websecurity.norton.com https://*.mcafeesecure.com https://*.flightcontrol.io 'unsafe-inline' 'unsafe-eval' data: blob:
Via: 1.1 1f3fb60768611bd03244cf06312d5a9c.cloudfront.net (CloudFront)
Connection: close
Date: Fri, 26 May 2017 12:37:50 GMT
HTTP/1.1 200 OK
X-XSS-Protection: 1
Access-Control-Allow-Origin: http://www.copaair.com
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
X-Permitted-Cross-Domain-Policies: master-only
Set-Cookie: AWSELB=C98F3DCF1A037BC7168EF07D810B2BB4C65FADEDFD8AE5D27BCC26B959592E76DA79A46C565111C36FF85F32B64CB1487D9964EE1DA79945A9D9D059200132E51E29C1D8ED8F9D5E3C543D5FC8856D261EC40F2DB4;PATH=/;HTTPONLY
Set-Cookie: COOKIE_SUPPORT=true; Expires=Tue, 08-Jan-2064 15:19:58 GMT; Path=/; HttpOnly
X-Content-Type-Options: nosniff
X-Cache: Miss from cloudfront
X-Content-Security-Policy: default-src 'self' https://*.copaair.com http://*.copaair.com https://*.copa.com http://*.copa.com https://*.copaair.com http://*.copaair.com https://*.copa.com http://*.copa.com https://*.google.com https://*.google.com.co https://*.google.sk http://*.googletagmanager.com https://*.gstatic.com http://*.google-analytics.com http://*.google-analytics.co https://*.googleapis.com http://*.trackedlink.net http://*.facebook.net https://*.facebook.com http://*.facebook.com http://*.bing.com http://trackedweb.net https://*.w55c.net http://*.w55c.net http://*.msn.com http://*.adnxs.com http://*.qualtrics.com http://*.doubleclick.net https://*.flightview.com http://*.innosked.com https://*.innosked.com http://*.intelliresponse.com https://*.intelliresponse.com http://*.frequentflyer.aero https://*.frequentflyer.aero https://*.fltmaps.com http://*.fltmaps.com https://*.nbxapps.com http://panamaesposible.com http://miparaisoatlantis.com http://*.googleadservices.com http://*.havasdigitalcolombia.com https://*.havasdigitalcolombia.com http://*.youtube.com https://*.youtube.com https://*.websecurity.norton.com https://*.mcafeesecure.com https://*.flightcontrol.io 'unsafe-inline' 'unsafe-eval' data: blob:
Vary: Accept-Encoding
X-Amz-Cf-Id: mbIWPTNyLknaYgEGO-hZbUgcmSpHvd4Ox4ACxvjOn02ZyIKi0VWChw==
Set-Cookie: JSESSIONID=2A6D2FAEF16531088AA1D4928AFAC4A9.node3106; Path=/; HttpOnly