Question about the 'timeout-or-duplicate' error

Hi! Recently, we discovered we’re encountering a fair number of ‘timeout-or-duplicate’ errors while validating response tokens. We’re still investigating the issue but I wanted to ask:

Under what condition would a response token ever already be validated?

According to this: Server-side validation · Cloudflare Turnstile docs

the “timeout-or-duplicate” error means the response token has already been validated. Would this happen if we simply “kept” the response token we received and used it without getting a new one?

Thanks in advance!