All the links that were up there weren't necessarily security issues.
That wget for example was highlighting bots crawling webservers and giving security researchers some fresh blood to start looking for a C&C ;)
More details :
The bot are crawling internet like us, here when you see a wget ( http://un1c0rn.net/host/195.154.5.171 ) after an HTTP header, it means the bot tried to execute PHP code by injecting it in the request on the target system.
This code gives you the remote location of the script suposed to infect the machine and gives you some useful information to start a new hunt ;)
Here you can see the infection script is there :
hxxp://208.85.177.238/.x/hb/php08
And here are the information related to that botnet :
$servidor='194.24.228.203' unless $servidor;
my $porta='443';
my @canais=("#allornothing");
my @adms=("Kelevra");
You could be nice and track the flithy mofo ...
You could be bad, and take that IRC room, and even without knowing the password for the botnet administration, list IPs, infect the machines connected to the IRC channel like they were infected in the first place by the botnet and thanks the botnet for all those vulnerable hosts just given to you.