The Race to the Vulnerable: Measuring the Log4j Shell Incident