What is canonicalizer.ucsuri.tcs?
Recently I have observed a few hosts which were attempting to POST data to this domain, albeit, unsuccessfully as this is not a valid domain. Everything about the data in the PCAP suggests Microsoft SmartScreen, such as the user agent and even the decoded hex in the HTTP request header: For example: 252F680074007400700073003a002f002f00700069006e0067002e002e0063006800650063006b0061007000700065007800650063002e006d006900630072006f0073006f00660074002e0063006f006d002f00770069006e0064006f00770073002f007300680065006c006c002f0061006300740069006f006e007300 Translates to https://ping..checkappexec.microsoft.com/windows/shell/actions Upon further investigation, I found that several hosts were attempting to query and unsuccessfully resolve this domain. So I did some digging and the results for this ranged wildly: A Patent for reputation based software patentimages.storage.googleapis.com/pdfs/US8695092.pdf A suggestion that this is part of a Canon printer https://translate.googl...