diff --git a/server/ctrl/static/404.html b/server/ctrl/static/404.html
index 3375f705..893b29a4 100644
--- a/server/ctrl/static/404.html
+++ b/server/ctrl/static/404.html
@@ -1,214 +1,20 @@
-
-
-
-
-
-404
-
-
-
+
+
+ 404
+
+
+
+
+
+
diff --git a/server/middleware/http.go b/server/middleware/http.go
index 246e05f7..3e3ef195 100644
--- a/server/middleware/http.go
+++ b/server/middleware/http.go
@@ -46,8 +46,7 @@ func IndexHeaders(fn func(*App, http.ResponseWriter, *http.Request)) func(ctx *A
cspHeader += "style-src 'self' 'unsafe-inline'; "
cspHeader += "font-src 'self' data:; "
cspHeader += "manifest-src 'self'; "
- cspHeader += "script-src 'self' 'sha256-JNAde5CZQqXtYRLUk8CGgyJXo6C7Zs1lXPPClLM1YM4=' 'sha256-9/gQeQaAmVkFStl6tfCbHXn8mr6PgtxlH+hEp685lzY=' 'sha256-ER9LZCe8unYk8AJJ2qopE+rFh7OUv8QG5q3h6jZeoSk='"
- cspHeader += " 'sha256-a4rv66tC4bqKBcGxkR+KAqedm+64tAs13VGNGmN3B6g=' 'sha256-H+2cw33TxgqSZEshY66vGwg6/W03IB9JKTmFV36CKz0=';" // animated 404 static page
+ cspHeader += "script-src 'self' 'sha256-JNAde5CZQqXtYRLUk8CGgyJXo6C7Zs1lXPPClLM1YM4=' 'sha256-9/gQeQaAmVkFStl6tfCbHXn8mr6PgtxlH+hEp685lzY=' 'sha256-ER9LZCe8unYk8AJJ2qopE+rFh7OUv8QG5q3h6jZeoSk='; "
cspHeader += "img-src 'self' blob: data: https://maps.wikimedia.org; "
cspHeader += "connect-src 'self'; "
cspHeader += "object-src 'self'; "