Curious how they handled it at the CDN level. I use Bunny CDN for video streaming on my project and signed URLs help a lot for abuse prevention, but a full DDoS is a different beast entirely.