I find RequestPolicy[0,1] to be both a powerful and easy way to manage cross-site requests. It too blocked ConvertKit (with options: temporarily allow, whitelist, whitelist only for vuehandbook.com, etc).

Mentioning it because it isn't as well-known as other security/privacy blockers.

[0] https://requestpolicycontinued.github.io/

[1] https://www.requestpolicy.com/