Since last week I noticed that everytime I use certbot to get a certificate for nginx I instantly receive some strange requests on the domain name coming from a TOR exit node IP.
Here is an extract :
184.108.40.206 - - [03/Jul/2019:18:53:17 +0000] "GET /.git/config HTTP/1.1" 200 178 "https://domain-that-just-got-a-new-cert/.git/config" "Go-http-client/1.1"
Is this a known probing practice ?
Is the certificate transparency log updated this quickly ?