When I started using Crowdsec, I quickly realized some Alerts for my own public IP-address. So I searched the logs and figured out one applications request were detected as brute force attempts.