Downloading .deb and .rpm files from R2 presigned URLs marked as malware

I recently ported from S3 to R2 and now when I download Linux binary installers (.deb and .rpm) from presigned URLs, Chrome and Firefox say the file is a virus/malware.

I’ve compared the binaries from both S3 and R2 and they’re identical so I’m not sure why Chrome/Firefox would complain. Also, the download works fine if I use a non-presigned URL (e.g. downloading from a public bucket)

Does anyone have any insight on why this would happen?

Here’s a signed URL for one of my deb files in case that helps narrow down the issue:

I’m also having the exact same issue with ZIP files that contain MP3 files.
If I serve the content from any other URL (S3 / Website / etc) the download succeeds without issue.

Virus Total also mentions my download is perfectly safe -

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.