Why does my browser says downloading proxy script

My assumptions: 1) the vulnerability to exploit is a Blind XSS via the contact form 2) the AngularJS part is important (of course, given that v1.5.8 is used!) 3) basic HTML and JavaScript injections (using and