The Internet connection is hijacked by a captive portal gateway.
The graphical shell may open a sandboxed web browser window (because the captive portals typically attempt a man-in-the-middle attacks
against the https connections) for the purpose of authenticating to a gateway and retrigger the connectivity check with
CheckConnectivity when the browser window is dismissed.