Oh man this takes me back.
Once upon a time, all server logs were basically unusable because of the amount of IIS scanners out there. There was a directory traversal that was literally just url encoding “../“ that absolutely lit the internet on fire for many months.
Those traversal attempts are still very common, right next to the PHP/WordPress script kiddie attacks.