Can someone create a fake document from scratch instead of modifying an existing one?

All dates and times on HTPBE? are displayed in UTC (Coordinated Universal Time) for consistency, accuracy, and transparency. This is an intentional design choice to ensure everyone sees the same absolute time regardless of their location.

What is UTC?

UTC is the global time standard used worldwide. It’s equivalent to GMT (Greenwich Mean Time) and serves as the reference point for all timezones. Unlike local time, UTC never changes with daylight saving time or regional adjustments.

Why We Use UTC:

• Universal consistency: Everyone sees the exact same timestamp regardless of their location or timezone
• No timezone confusion: A document created “at 14:00” could mean different absolute times in New York vs Tokyo. UTC eliminates this ambiguity
• Technical accuracy: PDF files internally store timestamps in UTC. Displaying them in UTC preserves the original data without conversion errors
• International collaboration: When sharing results with people in different countries, UTC provides a common reference point
• Audit trail integrity: For legal and compliance purposes, UTC timestamps create unambiguous records

How to Convert UTC to Your Local Time:

If you need to know what time something was in your timezone:

• Google search: Type “14:00 UTC in [your timezone]” to get instant conversion
• Mental calculation: Add your UTC offset. For example, if you’re in New York (UTC-5), subtract 5 hours from UTC time
• Time converter tools: Many free online tools convert UTC to any timezone

Common UTC Offsets:

• New York: UTC-5 (or UTC-4 during daylight saving)
• London: UTC+0 (or UTC+1 during summer time)
• Paris/Berlin: UTC+1 (or UTC+2 during summer time)
• Dubai: UTC+4
• Singapore/Hong Kong: UTC+8
• Tokyo: UTC+9
• Sydney: UTC+10 (or UTC+11 during daylight saving)

What This Means for You:

When you see a timestamp like “12.02.2026 09:35:21 UTC” on HTPBE?:

• This is the absolute, universal time the event occurred
• It’s the same timestamp everyone else sees, regardless of their location
• You can convert it to your local time if needed, but the UTC value is the authoritative record

Example Scenario:

You upload a PDF at 3:00 PM in New York (UTC-5). The check date shows “20:00 UTC” because:

• 3:00 PM in New York = 15:00 in 12-hour format
• 15:00 - 5 hours offset = 20:00 UTC

Someone viewing the same result in Tokyo (UTC+9) also sees “20:00 UTC”, not their local time. This ensures consistency and prevents confusion.

Bottom Line:

UTC display may seem unusual if you’re used to seeing local times, but it’s the professional standard for global systems. It ensures accuracy, eliminates timezone-related errors, and provides a reliable foundation for document fraud detection timestamps.

A creation date slightly after the check time usually means clock drift — a small difference between your computer’s clock and our server’s clock. Computers without automatic time synchronization can drift several minutes fast, so a PDF created on such a device will show a timestamp a few minutes ahead of the actual server time. This is completely normal.

Quick risk guide based on the time difference:

• Under 10 minutes: Low risk — almost certainly clock drift, not suspicious
• 10 minutes to 1 hour: Medium risk — worth investigating for important documents
• More than 1 hour: High risk — unlikely to be accidental; check independently
• Days, weeks, or months: Very high risk — strong indicator of intentional clock manipulation or metadata tampering

Always evaluate the full picture: the overall modification result, other metadata fields (Creator, Producer), and the context of where the document came from. A 4-minute discrepancy in a payment confirmation from a known client is routine. A 4-day discrepancy in a contract from a new counterparty requires investigation.

Full explanation with examples →

HTPBE? (Has This PDF Been Edited?) is a free online service that detects whether a PDF document has been modified after it was originally created. Upload your PDF and get an instant result in seconds — no registration, no payment, no technical knowledge required. Files up to 10 MB are supported.

The service analyzes the PDF’s internal structure, metadata, and creation history to detect any signs of post-creation modifications. Results come in three states: Intact (no modification found), Modified (modification detected), or Cannot Determine (the PDF was created with consumer software such as Microsoft Word or Google Docs, where anyone can create a document from scratch).

How HTPBE? works

HTPBE? uses multi-layer forensic analysis to detect post-creation modifications. The system examines:

• PDF metadata — creation and modification timestamps, creator and producer applications, PDF version
• Internal file structure — byte-level evidence of modification, xref tables, incremental update sections
• Digital signatures — presence, validity, and post-signature modifications
• Embedded content — JavaScript, hidden file attachments, and other suspicious elements

The detailed metadata and findings on the result page explain the reasoning behind each verdict.

Common use cases

HTPBE? is used across many real-world situations:

• Financial & payments: bank transfer receipts, payment screenshots, invoices from suppliers, expense receipts, financial statements
• Business & legal: contracts, business agreements, court documents, legal notices
• Academic & professional: educational certificates, diplomas, academic transcripts, professional licenses
• E-commerce & marketplaces: shipping confirmations, order confirmations, return and refund documentation

In every scenario, HTPBE? provides a quick first check to identify potentially tampered documents, helping you make safer decisions in transactions and business dealings.

Who uses HTPBE?

The service is used by anyone who receives PDF documents and needs to trust their authenticity before making a decision:

• Online sellers and marketplace vendors checking payment confirmations from buyers before shipping
• Freelancers and independent contractors validating client payment receipts and invoices
• Small business owners reviewing invoices and financial documents from customers and suppliers
• HR and recruitment professionals checking certificates, diplomas, and credentials from job applicants
• Landlords and property managers validating tenant payment confirmations and rental receipts
• Accountants and bookkeepers reviewing expense receipts and financial paperwork
• Legal professionals performing preliminary checks on document integrity
• Lending and risk teams using the API to detect edited bank statements at scale

Is it free?

Yes — the web tool at htpbe.tech is completely free and unlimited for manual checks. You can upload PDFs up to 10 MB, receive instant analysis, and access detailed results including metadata, findings, and modification verdict. No registration, no payment, no quota.

For developers and businesses needing programmatic access, the API offers monthly subscription plans starting at $15/mo. The free web tool does not consume any API quota.

Is it safe?

Yes. HTPBE? is built around a strict privacy model:

• Files are never read. The service analyzes only the technical file structure — metadata, xref tables, signatures — and never extracts or reads document content. Sensitive contracts, financial statements, and personal records remain confidential.
• Files are deleted automatically. Uploaded PDFs are stored temporarily in encrypted cloud storage solely for the duration of the analysis and are permanently purged after processing.
• Encrypted in transit. All uploads and result pages use HTTPS/TLS.
• Only metadata is retained. The result page stores the verdict, extracted metadata (filename, file size, dates, creator, producer), and structural findings — never the original file content.