I can't say I've seen anything like that on the webservers I've exposed to the internet. But it could vary based on the IP you have if it's a target for something already I suppose.
Frankly I’m surprised that machine I setup didn’t get hacked.
How could it if all you had was a basic webserver running?