I always use a VPN. However, i think it's quite possible to make an on-the-fly ID of a potential customer, that's valid, say, for a few hours. I know that cookies weren't involved here, because i clear everything all the time. Nevertheless, it's still possible from a browser fingerprint and the fact that the same flight is being queried. :-/