I noticed a lot of error messages from sshd/imaps and other services all related to IPv4 address 18.104.22.168. Checking the firewall logs found even more attempts. It seems all this noise is related to a 'Web Server Security Test' from High-Tech Bridge. Something like the Qualys SSL Labs SSL Server Test but aimed at a complete test according to PCI DSS, HIPAA and NIST. Since most of those standards have to do with procedures too an automated test can never be complete. But with all these errors and firewall log entries it is very noisy. And now I wonder who was interested in my webserver security at a time that I was asleep.