diff --git a/backend/app/pypi_proxy.py b/backend/app/pypi_proxy.py
index c6f225f..aba1613 100644
--- a/backend/app/pypi_proxy.py
+++ b/backend/app/pypi_proxy.py
@@ -19,13 +19,6 @@ from sqlalchemy.orm import Session
 from .database import get_db
 from .models import UpstreamSource, CachedUrl, Artifact, Project, Package, Tag
 from .storage import S3Storage, get_storage
-from .upstream import (
-    UpstreamClient,
-    UpstreamClientConfig,
-    UpstreamHTTPError,
-    UpstreamConnectionError,
-    UpstreamTimeoutError,
-)
 from .config import get_env_upstream_sources
 
 logger = logging.getLogger(__name__)
@@ -360,18 +353,10 @@ async def pypi_download_file(
     # Not cached - fetch from upstream
     sources = _get_pypi_upstream_sources(db)
 
-    # Find a source that matches the upstream URL
-    matched_source = None
-    for source in sources:
-        source_url = getattr(source, 'url', '')
-        # Check if the upstream URL could come from this source
-        # (This is a loose check - the URL might be from files.pythonhosted.org)
-        if urlparse(upstream_url).netloc in source_url or True:  # Allow any source for now
-            matched_source = source
-            break
-
-    if not matched_source and sources:
-        matched_source = sources[0]  # Use first source for auth if available
+    # Use the first available source for authentication headers
+    # Note: The upstream URL may point to files.pythonhosted.org or other CDNs,
+    # not the configured source URL directly, so we can't strictly validate the host
+    matched_source = sources[0] if sources else None
 
     try:
         headers = {"User-Agent": "Orchard-PyPI-Proxy/1.0"}