Correlation Snapshot
How attacker behavior clusters inside suspicious pages from the latest run.
Lure -> Execution Correlation
5 sites (13.9%)
Suspicious sites that combine social lures and execution indicators.
Clipboard -> Execution Correlation
5 sites (13.9%)
Sites where clipboard abuse appears alongside command execution behavior.
Redirect -> Obfuscation Correlation
21 sites (58.3%)
Sites blending redirect staging with encoded or obfuscated script content.
Full Chain (Lure + Clipboard + Execution)
5 sites (13.9%)
Potential end-to-end social engineering chains in a single page sample.