URL Encoder / Decoder
Encode and decode URLs and query parameters safely.
HTTP Status Codes
A complete, searchable reference of every HTTP status code — from <code>100 Continue</code> to <code>511 Network Authentication Required</code>. Filter by category, search by number or name, and click any code for a clear description of when it is used.
No status codes match your search.
How to Use This Tool
- Search — type a status number like
404, a phrase likenot found, or a topic likeredirect. - Filter by category — use the pills to narrow results to 1xx, 2xx, 3xx, 4xx, or 5xx responses.
- Copy — click any status row to copy the code and name to your clipboard.
- Expand — each row shows the short description; tap the row to see the longer explanation and common use cases.
About HTTP Status Codes
HTTP status codes are three-digit numbers returned by a server to indicate the result of a client's request. They are grouped into five classes by the first digit: 1xx for informational responses, 2xx for successful responses, 3xx for redirection, 4xx for client errors, and 5xx for server errors. The canonical list is maintained by the IANA and defined primarily in RFC 9110, with additional codes defined by RFC 6585, RFC 4918 (WebDAV), and others.
Choosing the right status code matters. API consumers, CDNs, monitoring tools, and search engines all make decisions based on the code alone — a poorly chosen code can cause retries, cache misses, demotion in search results, or confusing error messages for end users. When in doubt, prefer the most specific code available and include a machine-readable error body to supplement it.
This reference covers every widely-implemented status code, including standard codes, WebDAV extensions, and common non-standard codes you may encounter in the wild (like 499 Client Closed Request from Nginx).
Frequently Asked Questions
What is the difference between 401 Unauthorized and 403 Forbidden?
401 means the client is not authenticated — credentials are missing or invalid, and the response should include a
WWW-Authenticate header. 403 means the client is authenticated but not allowed to access the resource. In short: 401 says "who are you?", 403 says "I know who you are and you still can't have this."When should I use 301 vs 302 redirects?
Use 301 Moved Permanently when the resource has a new URL for good — search engines will transfer ranking signals and browsers will cache the redirect. Use 302 Found for temporary redirects like A/B tests or maintenance pages where the original URL will return later. For APIs that must preserve the HTTP method, prefer 308 Permanent Redirect and 307 Temporary Redirect instead.
What does HTTP 422 Unprocessable Content mean?
422 signals that the request was well-formed syntactically but was semantically invalid — typically a validation failure, such as a missing required field or a value that violates a business rule. Use 400 Bad Request when the payload itself is malformed (bad JSON, wrong content type) and 422 when the payload parses but fails validation.
Is 418 I'm a teapot a real HTTP status code?
418 was defined in RFC 2324 as an April Fools joke (the Hyper Text Coffee Pot Control Protocol) in 1998. It is not part of the standard HTTP specification, but it is widely implemented as an Easter egg and is sometimes used in production by services wanting to return an unmistakable signal that a request will never be honored.
What is the difference between 502 Bad Gateway and 504 Gateway Timeout?
502 Bad Gateway means an upstream server returned an invalid response — for example, a reverse proxy got malformed data from the application server. 504 Gateway Timeout means an upstream server did not respond within the allowed time. Both indicate a failure upstream of the gateway, but 502 is about bad data and 504 is about no data.
What is a 429 Too Many Requests response?
429 is returned when a client exceeds a rate limit. The response should include a
Retry-After header telling the client how long to wait before trying again, either as seconds or an HTTP-date. Pair 429 with clear rate-limit documentation and, ideally, X-RateLimit-* headers so clients can back off gracefully before hitting the limit.