Technically one can create this and launch a new profile everytime. It can still detect the device (there are some failures - if I change the screen resolution/dpi). May be after 3 or 4 times, the server may also detect that a certain ip address is trying the same thing.

TEMP_DIR=$(mktemp -d /tmp/chromium.XXXXXXX) ; /usr/bin/chromium-browser --user-data-dir=$TEMP_DIR

At the end as other say they use hardware information + IP + other stuff. It is a lost battle.

But how could it distinguish different profile directories, if they use the same settings. I would assume profile id, directories, or others should not be exposed through the browser. I am not used to chromium-browser (is this chrome? forgive my incompetence), but I wonder what kind of profile-specific static identifiers despite cookies could leak out the browser?

Maybe these? https://browserleaks.com/webrtc But at least FF in private mode should randomize these IDs on restart.