diff --git a/src/Services/Webhooks/Webhooks.API/Controllers/WebhooksController.cs b/src/Services/Webhooks/Webhooks.API/Controllers/WebhooksController.cs
index 23160f92d..d435fc0e5 100644
--- a/src/Services/Webhooks/Webhooks.API/Controllers/WebhooksController.cs
+++ b/src/Services/Webhooks/Webhooks.API/Controllers/WebhooksController.cs
@@ -67,7 +67,7 @@ namespace Webhooks.API.Controllers
 var userId = _identityService.GetUserIdentity();
- var grantOk = await _grantUrlTester.TestGrantUrl(request.GrantUrl, request.Token ?? string.Empty);
+ var grantOk = await _grantUrlTester.TestGrantUrl(request.Url, request.GrantUrl, request.Token ?? string.Empty);
 if (grantOk)
 {
diff --git a/src/Services/Webhooks/Webhooks.API/Services/GrantUrlTesterService.cs b/src/Services/Webhooks/Webhooks.API/Services/GrantUrlTesterService.cs
index cde669865..c4b38b724 100644
--- a/src/Services/Webhooks/Webhooks.API/Services/GrantUrlTesterService.cs
+++ b/src/Services/Webhooks/Webhooks.API/Services/GrantUrlTesterService.cs
@@ -1,6 +1,5 @@
 using Microsoft.Extensions.Logging;
 using System;
-using System.Collections.Generic;
 using System.Linq;
 using System.Net.Http;
 using System.Threading.Tasks;
@@ -17,8 +16,15 @@ namespace Webhooks.API.Services
 _logger = logger;
 }
- public async Task TestGrantUrl(string url, string token)
+ public async Task TestGrantUrl(string urlHook, string url, string token)
 {
+ if (!CheckSameOrigin(urlHook, url))
+ {
+ _logger.LogWarning($"Url of the hook ({urlHook} and the grant url ({url} do not belong to same origin)");
+ return false;
+ }
+
+
 var client = _clientFactory.CreateClient("GrantClient");
 var msg = new HttpRequestMessage(HttpMethod.Options, url);
 msg.Headers.Add("X-eshop-whtoken", token);
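Review bot: The new warning in TestGrantUrl interpolates two caller-supplied URLs straight into the log message template, and its parentheses are unbalanced, so the entry is both hard to read and lets request data shape the log line; prefer structured logging with named placeholders: `_logger.LogWarning("Url of the hook ({UrlHook}) and the grant url ({GrantUrl}) do not belong to same origin", urlHook, url);`. Note also that the guard runs before any try/catch visible here, so if CheckSameOrigin throws on a malformed or null URL the exception presumably propagates out of the grant check rather than being logged and turned into `false` — worth confirming against the caller. The remainder of TestGrantUrl's body continues outside this hunk.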
@@ -37,5 +43,15 @@ namespace Webhooks.API.Services
 return false;
 }
 }
+
+ private bool CheckSameOrigin(string urlHook, string url)
+ {
+ var firstUrl = new Uri(urlHook, UriKind.Absolute);
+ var secondUrl = new Uri(url, UriKind.Absolute);
+
+ return firstUrl.Scheme == secondUrl.Scheme &&
+ firstUrl.Port == secondUrl.Port &&
+ firstUrl.Host == firstUrl.Host;
+ }
 }
 }
diff --git a/src/Services/Webhooks/Webhooks.API/Services/IGrantUrlTesterService.cs b/src/Services/Webhooks/Webhooks.API/Services/IGrantUrlTesterService.cs
index 8a174979f..c78475fb0 100644
--- a/src/Services/Webhooks/Webhooks.API/Services/IGrantUrlTesterService.cs
+++ b/src/Services/Webhooks/Webhooks.API/Services/IGrantUrlTesterService.cs
@@ -7,6 +7,6 @@ namespace Webhooks.API.Services
 {
 public interface IGrantUrlTesterService
 {
- Task TestGrantUrl(string url, string token);
+ Task TestGrantUrl(string urlHook, string url, string token);
 }
 }
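Review bot: The last clause of CheckSameOrigin compares `firstUrl.Host` with itself, so it is always true and the "same origin" check collapses to scheme and port only — a grant URL on any other host that shares the hook's scheme and port passes. The intended comparison is `firstUrl.Host == secondUrl.Host`, and since both strings come from the request it is also worth rejecting non-absolute input with Uri.TryCreate rather than letting `new Uri(..., UriKind.Absolute)` throw. A short XML summary stating that the helper treats two URLs as the same origin when scheme, host and port all match would help the next reader too. The enclosing class and TestGrantUrl's try/catch begin outside this hunk.
```csharp
private bool CheckSameOrigin(string urlHook, string url)
{
    // Malformed or relative input is a failed check, not an exception on the request path.
    if (!Uri.TryCreate(urlHook, UriKind.Absolute, out var firstUrl) ||
        !Uri.TryCreate(url, UriKind.Absolute, out var secondUrl))
    {
        return false;
    }

    return firstUrl.Scheme == secondUrl.Scheme &&
           firstUrl.Port == secondUrl.Port &&
           string.Equals(firstUrl.Host, secondUrl.Host, StringComparison.OrdinalIgnoreCase);
}
```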