I do not know the current regulations but have done some research on the advertising connection. With GPDR and CCPA and Apple's change to default disallow advertising IDs, advertisers are looking to means other than cookies to track users. By asking you to "log in" with Google, in cases like a blog where you are not actually authenticating to anything but Google, they are using it to associate your traffic with your ad ID. I'm not saying it's good or bad, but it explains why you get prompted to log in with your Google account, and if you don't, nothing changes for you on the site.

There are also cases where you actually do have an account on that site, and you log into it using your Google account as your credentials. As you say, this is because OAuth is a pain in the butt to code and manage, and when it has nothing to do with what you're trying to code, why reinvent the wheel, just use Google's solution. This also makes logging in more convenient to users.

I had to go back and refresh my memory. It's not related to cookies, but can be related to the absence of cookies. There are a couple of reasons sites might decide to do this.