Login to Azure portal with a Hotmail account is blocked. It is allowed with corporate account.
The policy blocking the request is the following:
The following document explains which extensions are identified as executables (see "Object Code, Executable Files, Shared and Dynamically-Linked Libraries"):
COM is one of the mentioned extensions. Looking at har file, the following URL being blocked:
If the Full URL looked like this, where "user123" was the real Hotmail account name:
We can see from the HAR that a user with a Hotmail user name of "user123" would access the url:
A shorter URL (https://firstname.lastname@example.org) is blocked as well.
This shows, that "onmicrosoft.com" domain is as a file extension (changing .com to .net is sufficient to have this URL not blocked).
The solution for this type of the issue is to allow the Azure login domain and place it just above the rule blocking Executables file type: