You are: 108.162.216.249 using client CCBot/2.0 (https://commoncrawl.org/faq/)
This IP Address can different from yours due to the use of intermediate proxies and accelerators such as CloudFlare
Attacks start HERE
Stored XSS
This is a simple message stored in server
HTML5 Powered Stored XSS
This is a simple message stored in server
Reflected XSS
This page is vulnerable to Reflected Attacks for parameter id. Try it by adding the parameter and changing its value. Then add some javascript code.
Nothing provided in parameter id
CSRF Attack
This will call an external URL using an Image SRC field.
Go to ../csrf to check how many CSRF victims there were.
Yes, when using HTML5, XSS can be used to steal your screen and upload it to some server. Think about Facebook or another forum (Btw, facebook is not vulnerable)
Check the HTTP traffic and the Source code :).
Your screen goes bellow.
You can also check the last screenshot sent to server here