Do countries get the manifest of every passenger that's flying through their airspace? Who knows who's boarded on a plane?

Presuming you used a credit card for the transaction, that is no longer a secret.

https://www.fastcompany.com/90490923/credit-card-companies-are-tracking-shoppers-like-never-before-inside-the-next-phase-of-surveillance-capitalism

In one sense, cardholders are safer from identity theft than ever before. At the same time, they’re now shopping in a panopticon, with companies tracking and analyzing their purchases in near real time. It’s never been tougher to know who’s out there watching and selling this data—to say nothing of who’s buying.

You’d think it’s anonymous but

But it isn’t so anonymous. In 2015, de Montjoye and colleagues at MIT took a data set containing three months’ worth of credit card transactions by 1.1 million unnamed people, and found that, 90% of the time, they could identify an individual if they knew the rough details (the day and the shop) of four of that person’s purchases.

I would readily presume anyone taking interest, even just a PI not to mention the intelligence services of a state, could easily figure out all my transactions.

But yes, in this case this was HUMINT but there are many ways this could’ve happened.

To answer the part of your question I quote here:

I wonder if the Belarus intelligence was handed the manifest as a routine or they somehow got access through it using spyware?

That would be "SIGINT". This particular operation was done with HUMINT: Roman Protasevitch was physically followed into the airport and up to the counter by an agent who queued up directly behind, and snuck photographs of documents being presented.

Protasevitch noticed all this, and notified friends of the encounter via Telegram, a messaging app, presumably before boarding the flight.

Protasevitch continued on the flight anyway, perhaps not knowing an EU internal flight would cross Belarus.

Aside from the fighter jet, there were also reportedly three intelligence service agents who rode the plane also, but disembarked in Belarus. One could ask on aviation.se whether such agents would have the means to force the aircraft to divert to an enroute airport.

Details may differ significantly from country to country and ignoring that it in many situations is still possible to fly without having to present any form of ID when checking in, making it possible to fly with a ticket in a different name, in general:

• If you buy your ticket from some kind of agency and not directly from the airline, the agency will of course know that you bought a ticket for the given departure. If the reservation agency is collecting further data (e.g. date of birth, payment information, passport data, frequent flyer identifications) during the booking process, they will of course also have access thereto. The agency will not have access to the complete passenger list of a flight, just to the passengers booked through that agency and usually not know if the passenger is actually on board the plane or not.

• All airlines involved in the conduct of the flights on your ticket will have access to the information.

• The airports usually have no access to passenger data. It is of course technically possible that the airport is collecting and storing your name if you e.g. have to scan your boarding pass when going through security, but doing so will in many countries, e.g. in the EU, be a breach of privacy law. Details may also depend on whether the airport is operated by a private company or the governmental authorities.

• Airlines are, in most countries, required to file the passenger manifest to the authorities to get a takeoff clearance for a flight. It will differ from country to country to which authorities the manifest must be sent (that can be flight safety authorities, police, immigration, border surveillance, customs) and how the authorities automatically share data between each other. If the manifest must be sent well in advance, it will usually contain all passengers having booked a ticket on the flight. In other cases, airlines may only be required to send a manifest after boarding has been completed with a list of passengers, who are actually on board the aircraft.

• Airlines are in several countries required to file a passenger manifest before landing when a plane is arriving from abroad.

• As jcaron already pointed out in a comment, airlines are also required to file a passenger manifest to get clearance to fly through US airspace. As far as I know, the USA is the only country requiring this.

• In some countries, the authorities may have a much wider access to the airlines booking system with access to all details of a booking and not just to passenger manifests.