diff --git a/HMACAuthentication.WebApi/Filters/HMACAuthenticationAttribute.cs b/HMACAuthentication.WebApi/Filters/HMACAuthenticationAttribute.cs
index 18c6da3..272c054 100644
--- a/HMACAuthentication.WebApi/Filters/HMACAuthenticationAttribute.cs
+++ b/HMACAuthentication.WebApi/Filters/HMACAuthenticationAttribute.cs
@@ -151,7 +151,14 @@ private bool isReplayRequest(string nonce, string requestTimeStamp)
 var serverTotalSeconds = Convert.ToUInt64(currentTs.TotalSeconds);
 var requestTotalSeconds = Convert.ToUInt64(requestTimeStamp);
-
+
+ //here need additional check for requestTotalSeconds variable
+ //for example if requestTotalSeconds more on one second(because request host has different time),
+ //result of statement serverTotalSeconds - requestTotalSeconds
+ //will be very big value and not negative as expected so all request will treated as reply attack and rejected
+ //check code in comment for this file.
+ //suggestion is - convert to signed integer, so even if request local time will be far away from server time it will be
+ //still processed
 if ((serverTotalSeconds - requestTotalSeconds) > requestMaxAgeInSeconds)
 {
 return true;
@@ -199,4 +206,4 @@ public async Task ExecuteAsync(CancellationToken cancellati
 return response;
 }
 }
-}
\ No newline at end of file
+}
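Review bot: The remedy the new comment block proposes for the `ulong` underflow in `serverTotalSeconds - requestTotalSeconds` — just switch to signed integers — would replace a fail-closed bug with an accept-anything hole: a request timestamp ahead of the server clock gives a negative difference, which is never greater than `requestMaxAgeInSeconds`, so a request dated arbitrarily far in the future passes the age check. The underflow diagnosis itself is correct (a client one second ahead makes the subtraction wrap to a huge value and every request is flagged as a replay), but the check must bound skew in both directions, e.g. `if (Math.Abs((long)serverTotalSeconds - (long)requestTotalSeconds) > (long)requestMaxAgeInSeconds) { return true; }` (the declared type of `requestMaxAgeInSeconds` is not visible in this hunk, so adjust the cast). Whether the nonce cache would still catch replays of a far-future request depends on its eviction policy, which lives outside this hunk, so the timestamp check should not lean on it. Since the hunk only adds a comment, the defect remains live in the new code; the body of `isReplayRequest` continues past the end of the hunk.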