POST https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key=AIzaSyAYZP_ZzeDXyVSGn7_spG5Q3sAk5Mwauvo
"Content-Type": application/json; charset=utf-8
POST https://us-central1-proper-base.cloudfunctions.net/sendResetPasswordEmail
"Content-Type": application/json; charset=UTF-8
POST https://us-central1-proper-website.cloudfunctions.net/validateAccessCode
"Content-Type": application/json; charset=utf-8
POST https://sentry.io/api/1460376/store/?sentry_key=b2f5887233bf49a9ab5a0c24ada45da7&sentry_version=7
"Content-Type": text/plain;charset=UTF-8
Except for the POST request made to Sentry service, all of them are using the same content type
Seems that none of them have prefilight, probably because all of them are consider "Simple Rquest" and the API's (backend) are using the Access-Control-Allow-Origin header
The main framework used is Vue.js