Hmm, this actually looks like a legitimate issue:https://cxsecurity.com/issue/WLB-2019030006I tried, and it does in fact work on this site, which is a problem for reasons explained here:https://www.netsparker.com/blog/web-security/open-redirection-vulnerability-information-prevention/It is not impossible that Optus has found someone exploiting it for phishing attacks.
I am back on. Thanks to Bstrong and webmaster.Peter
So I can stand down? Thank you everyone involved.