TOOLS / TIMESTAMP

Timestamp Converter

Convert between Unix epoch (seconds / milliseconds), ISO 8601, RFC 3339, and human-readable formats. Useful for parsing log entries during incident response. Pure JavaScript — no requests sent.

What it does

Every IR or threat-hunt question eventually asks: "when did this happen, and what else was happening at the same time?" Log sources speak different time formats — UNIX epoch in seconds, milliseconds (JavaScript), microseconds (Linux kernel ring buffer), ISO 8601, RFC 2822, syslog priority+date, Apache common-log-format. This converter normalizes any of those into every other format so you can correlate across sources.

How to use it

Paste any timestamp format — epoch (seconds OR milliseconds, we auto-detect), ISO 8601, RFC 2822, or the word "now".
Click "Convert" — every common representation renders at once.
Click "Use now" for the current time in all formats.
Cross-reference the relative-time field ("3 hours ago") when correlating with breach disclosure timing.

Common use cases

Log correlation Convert epoch timestamps from your SIEM to ISO 8601 so you can search other logs that use ISO format.

Cookie / JWT expiry Decode the "exp" claim from a JWT (epoch) to know exactly when a session expires.

File-MAC times Convert ext4 / NTFS file timestamps (often in nanoseconds since epoch) for timeline analysis.

Phishing dwell time Calculate hours-between-send and hours-until-detection when timestamping email deliveries.

Frequently asked questions

Seconds or milliseconds? +

Numbers larger than 10^12 are treated as milliseconds; smaller as seconds. Most Linux/Unix uses seconds; JavaScript / mobile uses ms.

What timezone is shown? +

All UTC + local browser timezone. We never assume the user’s timezone.

Why does my date come back as 1970? +

You probably pasted 0 or a negative number. Unix epoch starts at 1970-01-01 00:00:00 UTC.