In this article we address the problem of automated Hypertext Transfer Protocol (HTTP) request structure analysis applied to web layer cyber attacks detection. In this method, we propose a multiple HTTP sequences clustering algorithm combined with the machine-learnt classifier. The main goal behind this approach is the fact that we use the request structure and the statistical measurements of its content in order to detect anomalous behaviour of connections established between client and server. One of the advantages of the proposed method is that our solution does not need any prior knowledge about protocols and APIs that use HTTP as a transportation layer (e.g. RESTFull API, SOAP, etc.). Our experiments prove that the proposed method can achieve satisfactory results and is competitive to other state-of-the-art solutions.