I think the hidden field theory bears further investigation. There may well be a session ID buried in there. You may need to download the form page each time and capture that field so you can return it.