tshark -o "ssl.keylog_file: dump_161218_2344_g0n_SSLKEYLOGFILE.txt" -r dump_161218_2344_g0n.pcap -qz hosts > dump_161218_2344_g0n.hosts tshark -o "ssl.keylog_file: dump_161218_2344_g0n_SSLKEYLOGFILE.txt" -r dump_161218_2344_g0n.pcap -qz conv,ip > dump_161218_2344_g0n.conv-ip -rw-r--r-- 1 miro miro 1984 2016-12-19 00:00 dump_161218_2344_g0n.hosts -rw-r--r-- 1 miro miro 3086 2016-12-19 00:00 dump_161218_2344_g0n.conv-ip -rw-r--r-- 1 miro miro 31068 2016-12-19 00:00 dump_161218_2344_g0n.POST tshark-http-uri.sh -k dump_161218_2344_g0n_SSLKEYLOGFILE.txt -r dump_161218_2344_g0n.pcap -rw-r--r-- 1 miro miro 8108 2016-12-19 00:00 dump_161218_2344_g0n-frame-http-request-full_uri.txt tshark -o "ssl.keylog_file: dump_161218_2344_g0n_SSLKEYLOGFILE.txt" -r dump_161218_2344_g0n.pcap -V -Y "ssl.resumed" > dump_161218_2344_g0n_ssl.resumed.txt -rw-r--r-- 1 miro miro 71294 2016-12-19 00:05 dump_161218_2344_g0n_ssl.resumed.txt tshark -o "ssl.keylog_file: dump_161218_2344_g0n_SSLKEYLOGFILE.txt" -r dump_161218_2344_g0n.pcap -V -Y "tcp.analysis.flags" > dump_161218_2344_g0n_tcp.analysis.flags.txt -rw-r--r-- 1 miro miro 485264 2016-12-19 00:05 dump_161218_2344_g0n_tcp.analysis.flags.txt tshark -o "ssl.keylog_file: dump_161218_2344_g0n_SSLKEYLOGFILE.txt" -r dump_161218_2344_g0n.pcap -V -Y "tcp.analysis.rto" > dump_161218_2344_g0n_tcp.analysis.rto.txt -rw-r--r-- 1 miro miro 84190 2016-12-19 00:06 dump_161218_2344_g0n_tcp.analysis.rto.txt tshark -o "ssl.keylog_file: dump_161218_2344_g0n_SSLKEYLOGFILE.txt" -r dump_161218_2344_g0n.pcap -V -Y "dns" > dump_161218_2344_g0n_dns.txt -rw-r--r-- 1 miro miro 240796 2016-12-19 00:06 dump_161218_2344_g0n_dns.txt tshark -o "ssl.keylog_file: dump_161218_2344_g0n_SSLKEYLOGFILE.txt" -r dump_161218_2344_g0n.pcap -V -Y "dns.a" > dump_161218_2344_g0n_dns.a.txt -rw-r--r-- 1 miro miro 71691 2016-12-19 00:06 dump_161218_2344_g0n_dns.a.txt tshark -o "ssl.keylog_file: dump_161218_2344_g0n_SSLKEYLOGFILE.txt" -r dump_161218_2344_g0n.pcap -V -Y "frame.number==1337" > dump_161218_2344_g0n_frame.number==1337.txt -rw-r--r-- 1 miro miro 6192 2016-12-19 00:06 dump_161218_2344_g0n_frame.number==1337.txt tshark -o "ssl.keylog_file: dump_161218_2344_g0n_SSLKEYLOGFILE.txt" -r dump_161218_2344_g0n.pcap -V -Y "tcp.stream==3" > dump_161218_2344_g0n_tcp.stream==3.txt -rw-r--r-- 1 miro miro 798752 2016-12-19 00:06 dump_161218_2344_g0n_tcp.stream==3.txt -rw-r--r-- 1 miro miro 235 2016-12-19 00:07 dump_161218_2344_g0n.non-local-hosts-ls-1 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 31.7.184.106 forum.palemoon.org | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 31.7.184.106 <-> 192.168.1.4 332 50667 518 703926 850 754593 27.580090973 43.5397 --- 67.225.137.92 adgiant.io | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 67.225.137.92 <-> 192.168.1.4 84 13684 115 62585 199 76269 28.297088198 41.3318 --- 151.101.112.166 prod.contextweb.map.fastlylb.net | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 151.101.112.166 <-> 192.168.1.4 48 8480 47 34314 95 42794 29.362784774 40.2201 --- | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 81.2.237.32 <-> 192.168.1.4 36 2822 36 5704 72 8526 27.532444415 4.3817 --- 104.31.9.190 cloud.cashtrafic.info | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 104.31.9.190 <-> 192.168.1.4 28 1941 27 40790 55 42731 31.914548811 41.2521 --- 216.58.214.34 pagead.l.doubleclick.net | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 192.168.1.4 <-> 216.58.214.34 27 8419 25 3081 52 11500 29.498402381 9.0364 --- 107.178.247.200 p.ato.mx | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 107.178.247.200 <-> 192.168.1.4 16 2298 18 8218 34 10516 30.567497804 8.1645 --- 95.172.94.60 anycast-europe.quantserve.com.akadns.net | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 95.172.94.60 <-> 192.168.1.4 18 3295 15 5399 33 8694 30.738383557 8.1292 --- 108.161.187.8 scripts.chitika.netdna-cdn.com | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 108.161.187.8 <-> 192.168.1.4 18 1940 14 892 32 2832 28.016449017 42.0078 --- 104.197.47.161 tradeadexchange.com | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 104.197.47.161 <-> 192.168.1.4 17 3861 15 11268 32 15129 30.756532076 23.4498 --- 46.137.163.216 ttd-euwest-match-adsrvr-org-139334178.eu-west-1.elb.amazonaws.c | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 46.137.163.216 <-> 192.168.1.4 18 3128 12 6735 30 9863 29.540180064 39.5531 --- 185.152.65.39 1580762744.rsc.cdn77.org | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 185.152.65.39 <-> 192.168.1.4 12 1563 13 9654 25 11217 30.179799384 0.2807 --- 172.217.21.110 clients.l.google.com | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 172.217.21.110 <-> 192.168.1.4 12 1296 9 1374 21 2670 29.596381345 41.0160 --- 23.64.15.73 a1213.g.akamai.net | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 23.64.15.73 <-> 192.168.1.4 12 1302 9 1423 21 2725 29.681368729 40.9250 --- 178.255.83.1 ocsp.comodoca.com | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 178.255.83.1 <-> 192.168.1.4 10 1630 10 2415 20 4045 27.678540329 2.7481 --- 93.184.220.29 cs9.wac.phicdn.net | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 93.184.220.29 <-> 192.168.1.4 10 1162 8 1348 18 2510 30.886612286 15.5640 --- 23.37.43.27 e8218.dscb1.akamaiedge.net | <- | | -> | | Total | Relative | Duration | | Frames Bytes | | Frames Bytes | | Frames Bytes | Start | | 23.37.43.27 <-> 192.168.1.4 8 1000 7 2239 15 3239 31.081496509 41.0761 --- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=