text injection can be used in phishing 404 page should not include attacker text

Hello i want to report a text injection and a missconfiguration of the 404 page which can be used in phishing the bug exists at : https://www.algolia.com/test/%2f../It%20has%20been%20changed%20by%20a%20new%20one%20https://www.crowdcurity.com%20so%20go%20to%20the%20new%20one%20since%20this%20one https://blog.algolia.com//test/%2f../It%20has%20been%20changed%20by%20a%20new%20one%20https://www.crowdcurity.com%20so%20go%20to%20the%20new%20one%20since%20this%20one as you can see attacker text is included "It has been changed by a new one https://www.crowdcurity.com so go to the new one since this one was not found on this server." Fix : just use a 404 page that don't include attacker text just as : hackerone do or just as you do in your other domain http://status.algolia.com/test/%2f../It%20has%20been%20changed%20by%20a%20new%20one%20https://www.crowdcurity.com%20so%20go%20to%20the%20new%20one%20since%20this%20one hope you fix it thanks