uBlock has full control over the browser's network access and can run code to determine the outcome of the request.
1Blocker/AdGuard/etc use two mechanisms:
1) declarative blocking - where you can specify rules to allow/deny requests matching a certain pattern. Those rules need to be declared in advance, you can't do matching at runtime using custom code.
2) they inject a bit of JS into the page to try and tamper with malicious scripts that can't be touched by the declarative blocking. This is error-prone and potentially slow, and is not guaranteed to be bulletproof as the injected code runs with the same privileges as the malicious code. I could see potential race conditions where the malicious code manages to run and exfiltrate sensitive data before the blocking code has a chance of defusing it.
The second approach is a horrible hack that only exists because extensions no longer have full control over the browser's networking, under the excuse of "security".
