Searching the registry for a GUID found in an associated HttpService 112 event's details tab in Event Viewer revealed a key containing URLs corresponding to each of the HttpService Event Log entries. Since this key is within the Services folder/key:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTTP\Parameters\UrlAclInfo
it would then seem as if the offending service is HttpService itself. However, what processes/services registered these URLs are most likely at the root of the cause. The process/service names that appear within the URLs are clear indicators (rdp, wsman, apps, MDEServer, ...). I suppose that it could've registered a few for itself, possibly for utilitarian purposes.
![2023-07-18 (1)](https://learn-attachment.microsoft.com/api/attachments/42ca3d45-aefd-45b8-9083-0302e3d3a90d?platform=QnA)
![2023-07-18 (2)](https://learn-attachment.microsoft.com/api/attachments/56dde41e-f8f4-40d1-99ce-0dfed793c932?platform=QnA)
Note also that ProcessId 4 corresponds to the kernel system process:
![2023-07-18 (4)](https://learn-attachment.microsoft.com/api/attachments/dff56877-513e-421d-96a1-03d14e76e160?platform=QnA)