We have a requirement to ensure fake pages of our website is not hosted by malicious users. By understanding the APIs called from the browser developer tools, a malicious user can build a similar looking website and mimic the API calls. (Similar to how bank login pages are faked)