diff --git a/src/wp-includes/rewrite.php b/src/wp-includes/rewrite.php
index 705e5f2bc8..943d7d0079 100644
--- a/src/wp-includes/rewrite.php
+++ b/src/wp-includes/rewrite.php
@@ -471,6 +471,14 @@ function url_to_postid( $url ) {
 	 */
 	$url = apply_filters( 'url_to_postid', $url );
 
+	$url_host      = str_replace( 'www.', '', parse_url( $url, PHP_URL_HOST ) );
+	$home_url_host = str_replace( 'www.', '', parse_url( home_url(), PHP_URL_HOST ) );
+
+	// Bail early if the URL does not belong to this site.
+	if ( $url_host && $url_host !== $home_url_host ) {
+		return 0;
+	}
+
 	// First, check to see if there is a 'p=N' or 'page_id=N' to match against
 	if ( preg_match('#[?&](p|page_id|attachment_id)=(\d+)#', $url, $values) )	{
 		$id = absint($values[2]);
diff --git a/tests/phpunit/tests/rewrite.php b/tests/phpunit/tests/rewrite.php
index 5f7514915e..dafb238fcf 100644
--- a/tests/phpunit/tests/rewrite.php
+++ b/tests/phpunit/tests/rewrite.php
@@ -359,6 +359,20 @@ class Tests_Rewrite extends WP_UnitTestCase {
 		update_option( 'show_on_front', 'posts' );
 	}
 
+	/**
+	 * @ticket 39373
+	 */
+	public function test_url_to_postid_should_bail_when_host_does_not_match() {
+		$this->set_permalink_structure( '/%postname%/' );
+
+		$post_id = self::factory()->post->create( array( 'post_name' => 'foo-bar-baz' ) );
+		$permalink = get_permalink( $post_id );
+		$url = str_replace( home_url(), 'http://some-other-domain.com', get_permalink( $post_id ) );
+
+		$this->assertSame( $post_id, url_to_postid( $permalink ) );
+		$this->assertSame( 0, url_to_postid( $url ) );
+	}
+
 	/**
 	 * @ticket 21970
 	 */