Queries the details of a volumetric attack type.

Note This operation is inapplicable to resource exhaustion attacks on websites or connection flood attacks.


OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeDDosEventAttackType

The operation that you want to perform. Set the value to DescribeDDosEventAttackType.

EventType String Yes defense

The type of the attack event that you want to query. Valid values:

  • defense: attack events that trigger traffic scrubbing
  • blackhole: attack events that trigger blackhole filtering
Ip String Yes 203.***. ***.199

The IP address of the attacked Anti-DDoS Pro or Anti-DDoS Premium instance.

StartTime Long Yes 1598948471

The beginning of the time range to query. This value is a UNIX timestamp representing the number of seconds that have elapsed since the epoch time January 1, 1970, 00:00:00 UTC.

Note You can call the DescribeDDosAllEventList operation to query the beginning time of all attack events.

All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see Common parameters.

For more information about sample requests, see the "Examples" section of this topic.

Response parameters

Parameter Type Example Description
AttackTypes Array of EventAttackType

The information about the attack types.

AttackType String Tcp-Syn

The type of the attack. Valid values:

  • QOTD-Reflect-Flood: QOTD reflection attacks
  • CharGEN-Reflect-Flood: CHARGEN reflection attacks
  • DNS-Reflect-Flood: DNS reflection attacks
  • TFTP-Reflect-Flood: TFTP reflection attacks
  • Portmap-Reflect-Flood: Portmap reflection attacks
  • NTP-Reflect-Flood: NTP reflection attacks
  • NetBIOS-Reflect-Flood: NetBIOS reflection attacks
  • SNMPv2-Reflect-Flood: SNMPv2 reflection attacks
  • CLDAP-Reflect-Flood: CLDAP reflection attacks
  • Ripv1-Reflect-Flood: RIPv1 reflection attacks
  • OpenVPN-Reflect-Flood: OpenVPN reflection attacks
  • SSDP-Reflect-Flood: SSDP reflection attacks
  • NetAssistant-Reflect-Flood: NetAssistant reflection attacks
  • WSDiscovery-Reflect-Flood: WS-Discovery reflection attacks
  • Kad-Reflect-Flood: Kad reflection attacks
  • mDNS-Reflect-Flood: mDNS reflection attacks
  • 10001-Reflect-Flood: reflection attacks over port 10001
  • Memcached-Reflect-Flood: Memcached reflection attacks
  • QNP-Reflect-Flood: QNP reflection attacks
  • DVR-Reflect-Flood: DVR reflection attacks
  • CoAP-Reflect-Flood: CoAP reflection attacks
  • ADDP-Reflect-Flood: ADDP reflection attacks
  • Tcp-Syn: TCP SYN flood attacks
  • Tcp-Fin: TCP FIN flood attacks
  • Tcp-Ack: TCP ACK flood attacks
  • Tcp-Rst: TCP RST flood attacks
  • Tcp-Pushack: TCP PSH-ACK flood attacks
  • Tcp-Synack: TCP SYN-ACK flood attacks
  • Udp-None: UDP attacks
  • Udp-Ssh: UDP-based SSH attacks
  • Udp-Dns: UDP-based DNS attacks
  • Udp-Http: UDP-based HTTP attacks
  • Udp-Https: UDP-based HTTPS attacks
  • Udp-Ntp: UDP-based NTP attacks
  • Udp-Ldap: UDP-based LDAP attacks
  • Udp-Ssdp: UDP-based SSDP attacks
  • Udp-Memcached: Memcached UDP reflection attacks
  • Tcp-Other: other TCP attacks
  • Icmp: ICMP flood attacks
  • Igmp: IGMP flood attacks
  • Ipv6: IPv6 attacks
InPkts Long 145902

The number of request packets of the attack type.

RequestId String 6F644A6E-40E7-483F-9DBB-CC27E16BB555

The ID of the request.


Sample requests

http(s)://[Endpoint]/? Action=DescribeDDosEventAttackType
&Ip=203. ***. ***.199
&<Common request parameters>

Sample success responses

XML format


JSON format

	"RequestId": "6F644A6E-40E7-483F-9DBB-CC27E16BB555",
	"AttackTypes": [
			"AttackType": "Tcp-Syn",
			"InPkts": 145902
			"AttackType": "Tcp-Other",
			"InPkts": 3

Error codes

For a list of error codes, visit the API Error Center.