This is probably useless to you guys, but I noticed in your IRC room it says you're looking for tcp dumps. I dug up the originals. They are just http requests though, nothing exciting:
Avatar:
Sent:
QUOTE
GET /content/415607d1/1dda96f83713102a0e063a1b3a7bdac14f6934de.xcp HTTP/1.0
User-Agent: Xbox Live Client/2.0.2241.0
Host:65.59.234.165
Received:
QUOTE
HTTP/1.1 200 OK
Content-Length: 37775
Content-Type: application/octet-stream
Last-Modified: Thu, 17 Nov 2005 23:20:09 GMT
Accept-Ranges: bytes
ETag: "5847e273cdebc51:26f"
Server: MS-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 24 Nov 2005 20:22:15 GMT
Connection: close
Bejeweled:
Sent:
QUOTE
GET /content/584107d2/c708eca18922addc4737061d8e6fcfa865426d52.xcp HTTP/1.0
User-Agent: Xbox Live Client/2.0.2241.0
Host:65.59.234.165
Received:
QUOTE
HTTP/1.1 200 OK
Content-Length: 23012699
Content-Type: application/octet-stream
Last-Modified: Sat, 19 Nov 2005 02:29:50 GMT
Accept-Ranges: bytes
ETag: "2984c21db1ecc51:26f"
Server: MS-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 22 Nov 2005 08:43:19 GMT
Connection: close
Video:
Sent:
QUOTE
GET /content/fffe07c4/61a3d817bde2caf405dfcde581a7a1d1b0534f87.xcp HTTP/1.0
User-Agent: Xbox Live Client/2.0.2241.0
Host:68.142.127.15
Received:
QUOTE
HTTP/1.0 200 OK
Content-Length: 142690838
Content-Type: application/octet-stream
Accept-Ranges: bytes
ETag: "146093dbaefc51:26e"
Server: MS-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 22 Nov 2005 05:27:18 GMT
Last-Modified: Tue, 22 Nov 2005 02:17:16 GMT
Connection: close
Zuma (file resume):
Sent:
QUOTE
GET /content/584107ef/90226b760a840a3afc759094668da3fbe4df716d.xcp HTTP/1.0
User-Agent: Xbox Live Client/2.0.2241.0
Host:65.59.234.165
IF-UNMODIFIED-SINCE: Tue, 22 Nov 2005 00:36:50 GMT
RANGE: bytes=3543579-
Received:
QUOTE
HTTP/1.1 206 Partial Content
Content-Length: 22067188
Content-Type: application/octet-stream
Content-Range: bytes 3543579-25610766/25610767
Last-Modified: Tue, 22 Nov 2005 00:36:50 GMT
Accept-Ranges: bytes
ETag: "9f70d7d3fceec51:26f"
Server: MS-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 22 Nov 2005 07:39:02 GMT
Connection: close
---------------
And something else I tried was forwarding the IP that the xbox was requesting to a local IP of my webserver (apache running on 3074). I downloaded the zuma .xcp file and renamed it to the bejeweled file / location. Then on the xbox I went to download "Bejeweled" (what was actually Zuma..), and it actually fetched the file off my webserver. Cool. But after it finished downloading, it said that something had gone wrong and I should try to redownload the file. So even if it downloads a proper .xcp file, it seems that it has a checksum somewhere of what it's expecting. If it doesn't match, it won't run it.
Just to test that my webserver was sending the file properly, I downlaoded the originally zuma file, and placed it in the same path on my server. It then went into marketplace and tried to download Zuma. It fetched it from my server... and it ran just fine.
So now the question is.. where is that checksum coming from?