While Anthropic publicly acknowledges Facebook tracking on its web properties, the desktop app’s network behavior remains undocumented, creating a transparency gap for privacy-conscious users. Thanks to Little Snitch, I caught an unexpected network connection:
Claude Helper.app/Contents/MacOS/Claude Helper
Technical confirmation from Claude Desktop Link to heading
Logs shared in GitHub issue #18006 revealed the Content Security Policy directive:
connect-src 'self' https://a-cdn.anthropic.com
https://api.segment.io https://*.segment.io https://*.segment.com
https://*.google.com https://*.doubleclick.net
https://*.facebook.com https://*.facebook.net
When the domain-based connection is denied, Claude attempts a fallback connection directly via IP address:
Claude Helper.app/Contents/MacOS/Claude Helper
Connection attempts from various Facebook-owned IPs continued to appear. Public WHOIS records confirm the range:
IP Range Details Link to heading
| Field | Value |
|---|---|
| CIDR Block | 57.144.0.0/14 |
| IP Range | 57.144.0.0 – 57.147.255.255 |
| Total IPs | 262,144 addresses |
| ASN | AS32934 |
| Organization | Facebook, Inc. (Meta Platforms) |
Blocking this CIDR range in Little Snitch resolved the issue — no further connection attempts were observed.
Summary Link to heading
This is not a rogue dependency or compromised build — the Content Security Policy explicitly permits Facebook connections, and Anthropic’s cookie disclosures acknowledge Facebook marketing cookies. What remains undocumented is the desktop app’s behavior: what events trigger these connections, what data is sent, and why an application handling sensitive conversations needs Facebook’s advertising infrastructure.