FB still frequently gets hold of things I've browsed in a supposedly different sandbox.
That's from fingerprinting you as a user. There's a website you can go to which will inform you how unique you are as and endpoint. Think about it this way...
1. You visit a site from whatever browser on a machine and look at shit.
2. Most pages have the Facebook "like" nonsense included which will have the fingerprinting code. It creates a "unique" id for you.
3. You browse other shit on other sites.
4. A "unique" id is created the same way on these other sites and likely matches that in (2).
5. Related shit thus gets served.
Re-identifying users is where a shitload of effort gets spent as that is key to the money making machine. The more info you can link to being from the same source the more your dataset is worth. Whether they create one id or a series of ids of escalating uniqueness I cannot say, but what I can guess is that they're pretty fucking good at it.
For the curious, try this site across your various usage patterns - sandboxes on same machine, different browsers etc. Bare in mind they are just showing one part of the re-identification world.