FIG. 4 shows the workflow of off-line machine-learning model generation process. Model generation starts with a historical dataset of AP HTTP responses raw data (401) that may be synthetically generated, environment-controlled generated or collected using invention method if AP class is known. The raw data might be in network dump format, structured or non-structured format, text format, or any file format that contains the necessary information to extract the selected features (402). HTTP response data may or not contain the information of its respective order on the HTTP redirect chain when packet was captured. If data contain packet order information, it may be used to tailor specific models for each packet respective order, or used as weight function during the final combination of model results. Then, AP HTTP responses are labelled according to the objective of classification model (403). Next, different types of feature extractors will convert all labelled AP response raw data (404) into the numerical features. The feature extraction method (405) includes an HTTP header feature extractor, suitable for all packets, an HTTP content feature extractor which may be used or not depending if packet has sufficient content data, which may defined by an HTML data size threshold, and a NLP feature extractor which will only be executed over the last packet responses of a redirect chain. After feature extraction process, data is now represented as feature vectors (406) which serve as input for off-line model training algorithms (407). Off-line model training algorithms refers to any learning algorithm that may rely on clustering, classification, distance-based or other machine-learning technique, aimed to create a model that generalizes properties and patterns of historical data to apply predictions or classifications on future data. The training process may also include the steps of data cleaning, data cleansing, data filtering, feature selection, feature reduction, normalization, standardization, cross-validation, among other pre-processing and post-processing techniques. The off-line model training process might generate several models with its respective results (408), in which the best model may be selected according to an evaluation criterion. If packet order is considered in the model generation process, input data will be split according to its order to create different machine-learning models corresponding to each specific packet order in the HTTP redirect chain. The final machine-learning models generated (409) may be represented as a binary file, object file, parameter values in case of parametric models, weights, text description, or any type or combination of data files that entirely represent a machine-learning model.