HTTP Status Codes

Look up every HTTP status code and its meaning.

Search status codes

62 status codes

100
Continue
The server received the request headers and the client should proceed to send the request body. Sent in response to an Expect: 100-continue header.
101
Switching Protocols
The server is switching protocols as requested by the client via the Upgrade header — for example, upgrading an HTTP connection to a WebSocket.
102
Processing
A WebDAV interim response telling the client the server has accepted the request but has not yet completed it. Prevents the client from timing out.
103
Early Hints
Lets the server send preliminary Link headers so the browser can preload or preconnect to resources before the final response is ready.
200
OK
The request succeeded. The meaning of the response body depends on the method — for GET it is the requested resource, for POST it describes the result.
201
Created
The request succeeded and a new resource was created. The new resource’s URL is typically returned in the Location header.
202
Accepted
The request was accepted for processing but is not yet complete. Used for asynchronous work where the outcome is not known when the response is sent.
203
Non-Authoritative Information
The request succeeded, but the returned metadata was modified by a proxy and may differ from what the origin server would send.
204
No Content
The request succeeded but there is no content to return. Often used for DELETE requests or actions that need no response body.
205
Reset Content
The request succeeded and the client should reset the document view — for example, clearing a form so the user can enter fresh data.
206
Partial Content
The server is delivering only part of the resource in response to a Range header. Used for resumable downloads and media streaming.
207
Multi-Status
A WebDAV response that conveys multiple independent status codes for several resources in a single XML body.
208
Already Reported
A WebDAV response used inside a 207 Multi-Status body to avoid repeatedly listing the same collection members.
226
IM Used
The server fulfilled a GET request and the response represents the result of instance manipulations (delta encoding) applied to the resource.
300
Multiple Choices
The request has more than one possible response. The client or user should choose one — for example, several formats of the same document.
301
Moved Permanently
The resource has moved permanently to the URL in the Location header. Search engines update their links; clients should use the new URL from now on.
302
Found
The resource is temporarily at a different URL. The client should keep using the original URL for future requests.
303
See Other
Tells the client to fetch the resource at the Location URL with a GET request. Common after a POST to redirect to a result page.
304
Not Modified
The cached copy is still valid, so no body is sent. Returned for conditional requests using If-None-Match or If-Modified-Since.
305
Use Proxy
The requested resource must be accessed through the proxy in the Location header. Deprecated for security reasons and rarely supported.
307
Temporary Redirect
Like 302, but the request method and body must not be changed when following the redirect — a POST stays a POST.
308
Permanent Redirect
Like 301, but the request method and body must be preserved when the client follows the redirect to the new permanent URL.
400
Bad Request
The server cannot process the request because of malformed syntax, invalid framing, or a request that is otherwise wrong on the client side.
401
Unauthorized
Authentication is required and has failed or not been provided. The response should include a WWW-Authenticate header describing how to authenticate.
402
Payment Required
Reserved for future use. Some APIs use it to signal that a payment or a paid plan is required to access the resource.
403
Forbidden
The server understood the request but refuses to authorize it. Unlike 401, authenticating will not help — the client lacks permission.
404
Not Found
The server cannot find the requested resource. It does not say whether the absence is temporary or permanent.
405
Method Not Allowed
The resource exists but the HTTP method used is not supported for it. The Allow header lists the methods that are accepted.
406
Not Acceptable
The server cannot produce a response matching the criteria in the request’s Accept headers (content negotiation failed).
407
Proxy Authentication Required
Like 401, but the client must first authenticate with a proxy, indicated by the Proxy-Authenticate header.
408
Request Timeout
The server timed out waiting for the client to finish sending the request. The client may repeat the request later.
409
Conflict
The request conflicts with the current state of the resource — for example, an edit based on an outdated version.
410
Gone
The resource was deliberately removed and will not return. Stronger and more permanent than 404; clients should drop links to it.
411
Length Required
The server refuses the request because it lacks a Content-Length header, which this resource requires.
412
Precondition Failed
One or more conditions in the request headers (such as If-Match) evaluated to false against the current resource state.
413
Payload Too Large
The request body is larger than the server is willing or able to process. Often hit when uploading oversized files.
414
URI Too Long
The request URI is longer than the server will accept — usually caused by encoding too much data into a GET query string.
415
Unsupported Media Type
The request body is in a format the server does not support, as declared by the Content-Type header.
416
Range Not Satisfiable
The Range header asks for a portion of the resource that lies outside its actual size.
417
Expectation Failed
The server cannot meet the requirement stated in the request’s Expect header.
418
I'm a Teapot
An April Fools’ joke from RFC 2324: the server refuses to brew coffee because it is, in fact, a teapot. Occasionally used as a playful Easter egg.
421
Misdirected Request
The request was sent to a server that cannot produce a response for the combination of scheme and authority in the request.
422
Unprocessable Content
The request was well-formed but contains semantic errors that prevent it from being processed — commonly returned for failed validation.
423
Locked
A WebDAV status: the resource being accessed is locked and cannot be modified.
424
Failed Dependency
A WebDAV status: the request failed because it depended on another request that itself failed.
425
Too Early
The server is unwilling to process a request that might be replayed, such as one sent in TLS 1.3 early data.
426
Upgrade Required
The server refuses the request on the current protocol but may accept it if the client upgrades to a protocol named in the Upgrade header.
428
Precondition Required
The server requires the request to be conditional, to prevent the lost-update problem when two clients edit the same resource.
429
Too Many Requests
The client has sent too many requests in a given time (rate limiting). A Retry-After header may say when to try again.
431
Request Header Fields Too Large
The server refuses the request because its header fields are too large, either individually or in total.
451
Unavailable For Legal Reasons
The resource is unavailable because of a legal demand, such as a court order or government censorship.
500
Internal Server Error
A generic server-side error: something went wrong but the server cannot be more specific. The catch-all when no other 5xx fits.
501
Not Implemented
The server does not support the functionality needed to fulfill the request — for example, an HTTP method it does not recognize.
502
Bad Gateway
A server acting as a gateway or proxy received an invalid response from the upstream server it relied on.
503
Service Unavailable
The server is temporarily unable to handle the request, usually due to overload or maintenance. A Retry-After header may indicate when to retry.
504
Gateway Timeout
A server acting as a gateway or proxy did not receive a timely response from the upstream server.
505
HTTP Version Not Supported
The server does not support the HTTP protocol version used in the request.
506
Variant Also Negotiates
A content-negotiation configuration error: the chosen variant is itself configured to negotiate, causing a circular reference.
507
Insufficient Storage
A WebDAV status: the server cannot store the representation needed to complete the request.
508
Loop Detected
A WebDAV status: the server detected an infinite loop while processing the request and stopped.
510
Not Extended
Further extensions to the request are required for the server to fulfill it.
511
Network Authentication Required
The client must authenticate to gain network access — typically returned by a captive portal on public Wi-Fi.

Processed on your device. We never see your files.

How to use HTTP Status Codes

What this tool does

This is a fast, searchable reference for HTTP status codes. Every standard code is included — from 100 Continue through 511 Network Authentication Required — grouped into the five families: 1xx Informational, 2xx Success, 3xx Redirection, 4xx Client Error, and 5xx Server Error. For each code you get its number, its official name, the category it belongs to, and a plain-English description of when a server actually sends it. Type a number like 404 or a phrase like gateway and the list narrows instantly.

Why you might need it

Status codes are the vocabulary of the web, and most developers carry only a handful in their heads. The moment an API call fails, a deploy misbehaves, or a log fills with numbers, you need to know precisely what each one means — and the difference is rarely trivial. Is a 422 a validation failure or something worse? Should a moved page return 301 or 308? Does 429 come with a Retry-After header? Guessing leads to bugs: a search crawler treating a temporary 302 as permanent, or a client retrying a 400 that will never succeed. Having the full table one search away removes that friction whether you are designing an API, debugging a request, or writing tests.

How to use it

Type into the search box to filter by code number or by name — 500, forbidden, and redirect all work.
Click a category chip (1xx through 5xx) to show only that family; click All to bring everything back.
Read the description on each row to confirm the code fits your situation.
Use the copy button on any row to grab the code and its name, ready to paste into documentation, a comment, or a test assertion.
Click Clear filters to reset the search and category at once.

The category chips are colour-coded, so even a quick scan tells you whether you are looking at a success, a client error, or a server error.

Common pitfalls

The single most common mistake is confusing client errors with server errors. A 4xx means the request itself was wrong — bad syntax, missing auth, an unknown route — and resending the same request unchanged will fail again. A 5xx means the request was fine but the server could not fulfil it, so a retry may well succeed. Another trap is redirect semantics: 301 and 302 historically let clients change a POST into a GET when following them, whereas 307 and 308 guarantee the method and body are preserved. If a form submission breaks after a redirect, this is often why. Finally, 401 and 403 are not interchangeable — sending 403 when you mean “please log in” leaves users with no path forward.

Tips and advanced use

When you design an API, lean on the specific codes rather than defaulting everything to 200 or 500. Return 201 Created with a Location header for new resources, 204 No Content for a successful delete, 409 Conflict for an edit against stale data, and 422 Unprocessable Content for validation failures — well-chosen codes let clients react correctly without parsing your error messages. Pair 429 Too Many Requests and 503 Service Unavailable with a Retry-After header so callers back off politely. For caching, remember that 304 Not Modified carries no body and is driven by conditional requests using ETag or Last-Modified. Because the whole reference lives in your browser, you can keep this page open as a side tab while you work — it loads once and then needs no connection at all, and nothing you search for is ever transmitted.

Frequently asked questions

What do the five HTTP status code categories mean?

Status codes are grouped by their first digit. 1xx is informational, 2xx means success, 3xx is a redirection, 4xx is a client error (the request was wrong), and 5xx is a server error (the server failed). Knowing the category tells you instantly whose side a problem is on.

What is the difference between a 401 and a 403?

A 401 Unauthorized means you have not authenticated, or your credentials failed — logging in could fix it. A 403 Forbidden means the server knows who you are but you are not allowed to access the resource, so authenticating again will not help.

When should I use 301 versus 302 versus 308?

Use 301 Moved Permanently when a URL has changed for good so search engines update their links. Use 302 Found for a temporary move. Use 308 Permanent Redirect when you need a permanent move but must preserve the original request method and body, which 301 does not guarantee.

Is this status code lookup done on a server?

No. The entire reference table is bundled into the page and searched inside your browser. Nothing you type into the search box is sent anywhere, so the tool works fully offline once the page has loaded.

Does this list include non-standard status codes?

It focuses on the standard codes defined by the IETF, plus widely supported WebDAV extensions. Vendor-specific codes used by individual CDNs or frameworks are intentionally left out to keep the reference accurate and unambiguous.

Related tools

HTTP Headers Reference

Reference common HTTP request and response headers.

MIME Type Lookup

Look up MIME types by file extension.

EyeDropper Color Picker

Pick any color on screen with the EyeDropper API.

CSS Gradient to Image

Render a CSS gradient as a downloadable image.

SVG to PNG

Convert SVG files into raster PNG images.

SVG Optimizer

Optimise and shrink SVG file size.