This document proposes a method called Excision to detect malicious third-party content inclusions in web pages before attacks occur. Excision builds inclusion trees to model relationships between remotely loaded resources, extracts features from these trees, and uses pre-trained models to classify inclusion sequences as benign or malicious. An evaluation found Excision could detect 177 new malicious hosts before they appeared in blacklists, with only moderate performance overhead.