CSS can load external resources, such as fonts, images, and stylesheets, from external links.
Couldn’t a malicious site use this see packets dropped and the timestamps for correlation attacks by loading of external clearnet or other servers on the site?