Docker pull postgres - Forbidden

Use markdown to insert temrinal output, logs and any special text as a codeblock as you would on other technical forums, including GitHub. Or click on the </> button to insert the code block.

A little help: https://forums.docker.com/t/how-to-format-your-forum-posts/127295#p-202628-dockerfiles-compose-files-logs-and-code-4

Postgres is an official image, netbox is a Sponsored Opensource image. (OSS) I assume that is the difference as some rules are different for OSS projects. When you are logged in with a paid subscription, both should be downloaded from production.cloudflare.docker.com, which you covered by setting *.docker.com, but when you are not logged in with a paid subscription, postgres seems to be downloaded from docker-images-prod.6aa30f8b08e16409b46e0173d6de2f56.r2.cloudflarestorage.com.

I started a proxy server locally to test it. You can do the same when you have no access to the proxy that returns the error or if you have access to it, check the logs or enable verbose logs if possible to see all traffic. I usually used squid as it was the first I learned about, but I used mitproxy on macOS now.

So basically you should add docker-images-prod.6aa30f8b08e16409b46e0173d6de2f56.r2.cloudflarestorage.com to the proxy. Not for Docker CE, but the allowlist for Docker Desktop could be still useful:

It also contains the domain I quoted above from cloudflare.