Only the two councils are impacted still.
Eastleigh are using Azure App Service, which collapsed for them. Azure App Service doesn't have any native anti-DDoS feature.
Trafford Council are using on prem webserver, which couldn't cope with load.
The problematic DDoS configs attached, $_1 is a variable for random gibberish - they basically stuff the search feature.