Did
tshark -nn -r 2015-03-03-traffic-analysis-exercise.pcap -z conv,tcp > tcp_convs
tshark -nn -r 2015-03-03-traffic-analysis-exercise.pcap -z conv,udp > udp_convs
tshark -nn -r 2015-03-03-traffic-analysis-exercise.pcap -z conv,ip > ip_convs
tshark -nn -q -r 2015-03-03-traffic-analysis-exercise.pcap -Y http.request.full_uri -T fields \
-e http.request.full_uri -e http.referer | grep 'moonstoneafgelekte.onewide.co.uk' >>
capinfos 2015-03-03-traffic-analysis-exercise.pcap > time
## assembled host_data with Wireshark paste in vim
Got
$ cat host_data time domain_contact
GREGORY-PC
38:2c:4a:3d:ef:01
172.16.101.196
File name: 2015-03-03-traffic-analysis-exercise.pcap
Capture duration: 468.307323 seconds
First packet time: 2015-03-03 14:05:10.986424
Last packet time: 2015-03-03 14:12:59.293747
http://moonstoneafgelekte.onewide.co.uk/lists/21464825379144707411
Referrer: http://www.awesomeapartments.com/
http://moonstoneafgelekte.onewide.co.uk/hbFepz7fRhZzugsT0Dkn0sFR3Vd4kQAeu2ayI1j6AtlKMCUQ
Referrer: http://moonstoneafgelekte.onewide.co.uk/lists/21464825379144707411