diff --git a/src/Module/Objects.php b/src/Module/Objects.php
index 3f8aea0d01..3aa8c9e217 100644
--- a/src/Module/Objects.php
+++ b/src/Module/Objects.php
@@ -31,11 +31,15 @@ class Objects extends BaseModule
 		/// @todo Add Authentication to enable fetching of non public content
 		// $requester = HTTPSignature::getSigner('', $_SERVER);
 
-		$item = Item::selectFirst(['id'], ['guid' => $a->argv[1], 'origin' => true, 'private' => false]);
+		$item = Item::selectFirst(['id', 'author-link'], ['guid' => $a->argv[1], 'private' => false]);
 		if (!DBA::isResult($item)) {
 			System::httpExit(404);
 		}
 
+		if (!strstr($item['author-link'], System::baseUrl())) {
+			System::httpExit(404);
+		}
+
 		$data = ActivityPub\Transmitter::createObjectFromItemID($item['id']);
 
 		header('Content-Type: application/activity+json');