The "redirect" phenomenon occurs most commonly in captive portal environments: airport Wi-Fi, hotel logins, coffee shop authentication pages. These networks intercept any HTTP request and force a redirect to their own login page. When Windows attempts to reach msftconnecttest.com and gets redirected instead of the expected text file, it correctly detects that something is wrong—but then, to resolve the situation, it automatically launches the default web browser to that same URL. The user suddenly sees an unfamiliar address, often with a nonsensical redirect chain like http://msftconnecttest.com/redirect leading to http://login.provider.com/... . To the user, it looks like a broken site or even a potential hack.