@sergey_smirnov, I see you submitted the FusionAuth log. I didn't approve the post because I thought there might be some info in there you don't want public. I cut some out and will paste it here:
That is interesting. Would it be possible to get the web server logs and see if there were actual multiple requests.