Probably not. It’s most likely automated scanning and the subdomains seem common enough to be included in wordlists. Another possibility is that the subdomains have leaked somehow, do you use LetsEncrypt? If so, the existence of your subdomains is public knowledge and can easily be picked up by bots.
apt install python3-certbot :)