Mozilla will shut down Pocket’s services on July 8, 2025. At that time users will no longer be able to access the Pocket website, apps and API. You can export your saved items and API data until October 8, 2025 before they are permanently removed. For more information, see this article.

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox 89.0.1 Checksum

  • 3 replies
  • 1 has this problem
  • 238 views
  • Last reply by TyDraniu

I downloaded Firefox 89.0.1 via Microsoft Edge from the regular mozilla.org site.

I was redirected to this site after the download started: https://cdn.stubdownloader.services.mozilla.com/builds/firefox-stub/de/win/[...]/Firefox%20Installer.exe

I was confused when I saw, that the sha256 checksum mismatched with the one in the repository. Also after multiply downloads from the mentioned site, I recognized all installation files had different checksums.

Is this a bug or a malicious firefox download? Or smth else?

Thanks in advance.

I downloaded Firefox 89.0.1 via Microsoft Edge from the regular mozilla.org site. I was redirected to this site after the download started: https://cdn.stubdownloader.services.mozilla.com/builds/firefox-stub/de/win/[...]/Firefox%20Installer.exe I was confused when I saw, that the sha256 checksum mismatched with the one in the repository. Also after multiply downloads from the mentioned site, I recognized all installation files had different checksums. Is this a bug or a malicious firefox download? Or smth else? Thanks in advance.

Modified by MaxTheSaxguy

Chosen solution

I've heard about it, see:

The file should be safe. The hypothesis is that Moz attaches something to recognize a download source or to measure a marketing campaign metric.

Read this answer in context 👍 0

All Replies (3)

To control which download you get, it might be simpler to use this server:

Thank you for your answer.

My question is more about why the SHA256 checksums change constantly with each download and if a download via https://cdn.stubdownloader.services.mozilla.com/ is safe or not.

Modified by MaxTheSaxguy

Chosen Solution

I've heard about it, see:

The file should be safe. The hypothesis is that Moz attaches something to recognize a download source or to measure a marketing campaign metric.