Yes, they are likely tracking users in incognito mode. You're still loading google analytics or doubleclick resources on many, many sites. Merely making that request (or any request to a google property) gives them your IP which is static enough to identify a household or corporate complex based on previously gathered data. From there these javascript libs phone home every bit of data they can from your browser, including UA string/browser minor version, plugins, resolution (fingerprinting). This can further narrow things down to an individual device you have used before, especially if you're just popping in and out of incognito.
Google also operates some of the most popular DNS services 8.8.8.8,8.8.4.4 which can capture domains you query from your IP.
There are various measures you can go through to stop this to some degree, like DNS blocking, client-side ad/tracker blocking, VPNs etc. but to go all-out is very cumbersome and I'm not convinced that it would even be 100% effective. Google's business DEPENDS on collecting your data and tracking you, and they are very, very good at it. I highly recommend reading "The Age Of Surveillance Capitalism".
Google also operates some of the most popular DNS services 8.8.8.8,8.8.4.4 which can capture domains you query from your IP.
There are various measures you can go through to stop this to some degree, like DNS blocking, client-side ad/tracker blocking, VPNs etc. but to go all-out is very cumbersome and I'm not convinced that it would even be 100% effective. Google's business DEPENDS on collecting your data and tracking you, and they are very, very good at it. I highly recommend reading "The Age Of Surveillance Capitalism".