In theory React websites should transfer less data since you just send a JSON model instead of one annotated in full HTML markup. The React runtime would be cached after the first visit.
For example, you buy a burner phone, but the place you bought it from, even if a second hand shop, had a security camera. Maybe they also record IMEI's before selling phones.
Or you carry your burner phone together with your real phone. Or alternatively, you leave one at home when using the other. Both of these things can be linked by a sufficiently determined actor (FBI/NSA level).
Or they track you to using a public square WiFi one day. Again, cameras are everywhere.
If they got your real name, no matter how, it's game over. You will be surveilled and they will find proof to link you. This is why all those posts "if only DPR used this kind of encryption or dead-men-switch" are ridiculous. Once they knew his real name it was just a matter of time and building a case.