01:25 AM ============================================================================== 2006/7/6 15:40:57 413 172.16.1.100 202.56.192.6 GET / HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: search.msn.com ============================================================================== 2006/7/6 15:40:58 609 172.16.1.100 202.56.192.6 GET /sa/2_6_0_59767/common.css HTTP/1.1 Referer: http://search.msn.com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: search.msn.com ============================================================================== 2006/7/6 15:40:58 608 172.16.1.100 202.56.192.6 GET /sa/2_6_0_59767/common.js HTTP/1.1 Referer: http://search.msn.com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: search.msn.com ============================================================================== 2006/7/6 15:40:58 610 172.16.1.100 202.56.192.6 GET /s/logo/msft_118x35_whp.gif HTTP/1.1 Referer: http://search.msn.com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: search.msn.com ============================================================================== 2006/7/6 15:40:58 599 172.16.1.100 202.56.192.6 GET /s/gradient2.gif HTTP/1.1 Referer: http://search.msn.com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: search.msn.com ============================================================================== 2006/7/6 15:40:58 597 172.16.1.100 202.56.192.6 GET /s/btnface.gif HTTP/1.1 Referer: http://search.msn.com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: search.msn.com ============================================================================== 2006/7/6 15:40:58 596 172.16.1.100 202.56.192.6 GET /s/bullet.gif HTTP/1.1 Referer: http://search.msn.com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: search.msn.com ============================================================================== 2006/7/6 15:40:59 594 172.16.1.100 202.56.192.6 GET /s/mgou.gif HTTP/1.1 Referer: http://search.msn.com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: search.msn.com ============================================================================== 2006/7/6 15:41:9 681 172.16.1.100 202.56.192.6 GET /results.aspx?q=FIFA+World+Cup+2006&FORM=QBHP HTTP/1.1 Referer: http://search.msn.com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: search.msn.com ============================================================================== 2006/7/6 15:41:10 638 172.16.1.100 202.56.192.6 GET /s/more.gif HTTP/1.1 Referer: http://search.msn.com/results.aspx?q=FIFA+World+Cup+2006&FORM=QBHP User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: search.msn.com ============================================================================== 2006/7/6 15:41:18 393 172.16.1.100 66.102.15.101 GET / HTTP/1.1 Referer: http://search.msn.com/results.aspx?q=FIFA+World+Cup+2006&FORM=QBHP User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: fifaworldcupz.blogspot.com ============================================================================== 2006/7/6 15:41:19 341 172.16.1.100 209.8.25.150 GET /search.php?aid=56340&q=World+Cup HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.toptravel10.com ============================================================================== 2006/7/6 15:41:20 345 172.16.1.100 209.200.18.172 GET /5sv/cc2/s5g5/gallery1.php?id=827 HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:20 352 172.16.1.100 209.200.18.172 GET /5sv/images1/bg.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:20 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_01.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:20 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_02.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:21 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_03.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:21 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_04.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:22 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_05.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:23 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_06.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:23 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_07.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:23 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_08.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:24 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_09.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:24 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_10.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:24 354 172.16.1.100 209.200.18.172 GET /5sv/images1/text.gif HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:24 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_12.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:25 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_13.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:25 359 172.16.1.100 209.200.18.172 GET /5sv/cc2/s5g5/thumbs/1.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:25 359 172.16.1.100 209.200.18.172 GET /5sv/cc2/s5g5/thumbs/2.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:26 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_14.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:26 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_15.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:26 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_16.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:26 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_17.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:27 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_18.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:27 364 172.16.1.100 209.200.18.172 GET /5sv/images1/5starvideos_19.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:27 359 172.16.1.100 209.200.18.172 GET /5sv/cc2/s5g5/thumbs/3.jpg HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:30 446 172.16.1.100 209.200.18.172 GET /5sv/cc2/s5g5/movie1.php?bgcolor=ABECFE&border=003366&id=827 HTTP/1.1 Referer: http://www.videosgalleries.com/5sv/cc2/s5g5/gallery1.php?id=827 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:31 260 172.16.1.100 209.200.18.172 GET /5sv/cc2/s5g5/sound/1.mpg HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.videosgalleries.com ============================================================================== 2006/7/6 15:41:34 329 172.16.1.100 85.255.118.14 GET /zip/zipcodec-v6.827.exe HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: www.zipcodec.com Total count in Win2000MSNSearchResult_Zipcodec.pcap: 606 IP List: resolved fifaworldcupz.blogspot.com - 66.102.15.101 search.msn.com - 202.56.192.6 www.toptravel10.com - 209.8.25.150 www.videosgalleries.com - 209.200.18.172 www.zipcodec.com - 85.255.118.14 The DNS queries made are as follows: 1.search.msn.com 2.fifaworldcupz.blogspot.com 3.www.toptravel10.com 4.www.videosgalleries.com 5.www.zipcodec.com 01:25 AM