Some modern security software manufacturers check and analyse all activities of a user, especially in the context of email.
Under certain circumstances this can lead to link calls being executed twice.
In most cases, the actual call is made using the user's local IP address, the security call is instead made using the IP address of the security software manufacturer.
Due to the fact that data packets on the Internet can have different runtimes, it can also happen that the first call that arrives at the destination is that of the security software. For this reason, among others, it is not possible to reliably identify duplicate calls or treat them differently. If you notice such behaviour, your IT department may be able to provide further information about the reasons and possible solutions.