I think that this is less likely Google discerning anything by fingerprinting, and more likely relates different browsers advertising themselves differently (via user-agent header):
User Agents (Linux VM):
| BROWSER | USER AGENT |
|---|---|
| Tor Browser: | Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0 |
| Mullvad: | Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0 |
| Librewolf: | Mozilla/5.0 (Windows NT 10.0; rv:128.0) Gecko/20100101 Firefox/128.0 |
| Firefox: | Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 |
| Brave: | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 |
| Chromium: | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 |
It’s interesting that Tor Browser chose to show a UA that indicates WIndows, and Mullvad chose to diverge from that. I wonder why? I have the impression that UA spoofing (of the OS) isn’t really effective as there are other ways to discern it, but I could be wrong.