You are: 172.69.62.253 using client CCBot/2.0 (https://commoncrawl.org/faq/)

This IP Address can different from yours due to the use of intermediate proxies and accelerators such as CloudFlare

Attacks start HERE

Stored XSS

This is a simple message stored in server


HTML5 Powered Stored XSS

This is a simple message stored in server


Reflected XSS

This page is vulnerable to Reflected Attacks for parameter id. Try it by adding the parameter and changing its value. Then add some javascript code.
Nothing provided in parameter id

CSRF Attack

This will call an external URL using an Image SRC field. CSRF


Go to ../csrf to check how many CSRF victims there were.
Yes, when using HTML5, XSS can be used to steal your screen and upload it to some server. Think about Facebook or another forum (Btw, facebook is not vulnerable)
Check the HTTP traffic and the Source code :).

Your screen goes bellow.

You can also check the last screenshot sent to server here