Is this a production website? You have debug enabled. This is a GIANT security hole in your website. Passwords, internal configuration, version numbers, all kinds of things are potentially available to would-be attackers, Google, etc. Turn off debug and see if your problems go away.
As for Postman, Ajax calls will break if your PHP is pumping random debug statements into your HTML, and Postman uses quite a bit of Ajax.
I have debug enabled in my TEST environment, but I write everything to disk, not out to HTML. This is the proper way to briefly enable debug in a production environment:
define('WP_DEBUG', true);
define('WP_DEBUG_LOG', true);
define('WP_DEBUG_DISPLAY', false);Edit: Also check your PHP Configuration, PHP may be configured to pipe debug output to HTML with the display_error parameter.