HTTP Status Code Lookup
Look up any HTTP status code, see its meaning, category, and when it's used. Search by code number or name.
Search any HTTP status code (200, 301, 404, 500) to see its meaning, category, and typical causes. Covers every permanently registered IANA code from 1xx to 5xx.
Use the first digit to decide where to look: request, redirect, cache, client error, or server error.
63 codes found
Informational
The server has received the request headers; the client should proceed to send the request body.
The server is switching protocols as requested by the client (e.g., to WebSocket).
The server has received and is processing the request, but no response is available yet. Used by WebDAV to prevent client timeouts on long operations.
Allows the server to send preliminary response headers before the final response, enabling the client to begin preloading resources early.
Success
The request was successful. The response body contains the requested data.
The request was successful and a new resource was created.
The request has been accepted for processing, but processing has not been completed. The request may or may not eventually be acted upon.
The request succeeded, but the response comes from a transforming proxy or cache rather than the origin server. The data may differ from what the origin would return.
The server processed the request but returns no body content.
The server fulfilled the request and asks the client to reset the document view, for example to clear a form after submission.
The server is returning only part of a resource, as requested by the client using a Range header. Used for resumable downloads and video streaming.
A WebDAV response that conveys status for multiple independent operations in a single XML body. Each sub-response carries its own status code.
Used inside a WebDAV 207 Multi-Status response to avoid repeating the properties of a resource that has already been enumerated.
The server has fulfilled a GET request and the response is the result of one or more instance-manipulations applied to the current instance, as defined by the HTTP Delta Encoding specification.
Redirection
The request has more than one possible response. The client or user should choose one. Rarely used in practice; most servers return 200 with options instead.
The resource has moved to a new URL permanently. Update your links.
The resource is temporarily at a different URL. Keep using the original URL.
The response to the request can be found at a different URL using a GET request. Commonly used to redirect after a form POST so a browser refresh does not resubmit the form.
The resource hasn't changed since last request. Use your cached version.
The requested resource must be accessed through the proxy given in the Location header. Deprecated due to security concerns and no longer used.
This code was used in a previous version of the HTTP specification but is no longer used. It is reserved and must not be issued by servers.
Temporary redirect preserving the HTTP method of the original request.
Permanent redirect preserving the HTTP method of the original request.
Client Error
The server cannot process the request due to malformed syntax or invalid parameters.
Authentication is required. The request lacks valid credentials.
Reserved for future use. The original intention was for digital payment systems, but it has never been formally standardised. Some APIs use it informally for billing-related restrictions.
The server understood the request but refuses to authorise it.
The requested resource could not be found on the server.
The HTTP method used is not supported for this resource.
The server cannot produce a response matching the list of acceptable content types specified by the client's Accept headers.
Similar to 401, but authentication must be performed by a proxy rather than the origin server. The proxy must issue a Proxy-Authenticate challenge header.
The server timed out waiting for the client to send the complete request. The client may repeat the request without modification.
The request conflicts with the current state of the resource.
The resource is permanently gone and will not return.
The server requires a Content-Length header but the request did not include one.
One or more conditions given in the request headers evaluated to false on the server, such as an If-Match or If-Unmodified-Since check failing.
The request body exceeds the server's size limit.
The request URI is longer than the server is willing to interpret. Can occur with very long query strings or improperly encoded form submissions.
The server refuses the request because the payload format is not supported. Check your Content-Type header matches what the endpoint expects.
The server cannot fulfil the Range header in the request. The range may be outside the bounds of the resource, or the format may be invalid.
The server cannot meet the requirements specified in the Expect request header.
Reserved and not assigned to any real use. Originally appeared as a joke in an April Fools' RFC about coffee pots; the IANA registry now formally marks it as unused.
The request was directed at a server that is not able to produce a response for the combination of scheme and authority in the request URI.
The request is well-formed but contains semantic errors.
The source or destination resource of a WebDAV method is locked. The response should contain a lock token in the body.
A WebDAV response indicating that the request failed because it depended on another request that failed.
The server is unwilling to process a request sent using TLS early data, due to the risk of a replay attack.
The client should switch to a different protocol. The server sends an Upgrade header indicating the required protocol.
The origin server requires the request to be conditional, to prevent the lost-update problem where a client reads a resource, modifies it, then overwrites a concurrent change.
You have sent too many requests in a given time. Slow down.
The server is unwilling to process the request because its header fields are too large. Reduce the size of individual headers or the total number of headers.
The server is denying access to the resource as a consequence of a legal demand, such as a court order or government instruction.
Server Error
The server encountered an unexpected condition.
The server does not support the functionality required to fulfil the request. Return this when the server does not recognise the request method.
The server received an invalid response from an upstream server.
The server is temporarily unable to handle the request (overload or maintenance).
The upstream server failed to respond in time.
The server does not support the HTTP version used in the request.
The server has an internal configuration error where the chosen variant for content negotiation is itself configured to negotiate, creating a circular reference.
A WebDAV response indicating the server cannot store the representation needed to complete the request.
A WebDAV response indicating the server terminated an operation because it encountered an infinite loop while processing the request.
An extension to the request was required but the server did not support it. This code has been obsoleted and should not be used in new implementations.
The client needs to authenticate to gain network access, typically used by captive portals (such as hotel or airport Wi-Fi login pages).
API response
Pair the code with a clear JSON body when the client needs to show or log an error reason.
Redirect
Use 301 or 308 for permanent moves, and 302 or 307 when the original URL should remain valid.
Caching
A 304 response has no body. It tells the browser to reuse the cached resource it already has.
HTTP Status Codes: The Language of the Web
Every time your browser loads a page, an API returns data, or a form submits, the server sends back a three-digit number. That number tells the client exactly what happened, did the request succeed? Did the resource move? Is the server broken? HTTP status codes are the universal language servers use to communicate results.
You don't need to memorise all of them, there are over 60 IANA-assigned codes, but knowing the major ones saves hours of debugging. When your API returns a 422 instead of a 400, or a 301 instead of a 302, the difference matters. It affects how browsers cache, how search engines index, and how your users experience errors.
This reference covers every status code you'll actually encounter. Search by number, name, or description to find exactly what you need.
Status Code Categories at a Glance
| Range | Category | Meaning | Common Examples |
|---|---|---|---|
| 100-199 | Informational | Request received, continuing process | 100 Continue, 101 Switching Protocols |
| 200-299 | Success | Request received, understood, and accepted | 200 OK, 201 Created, 204 No Content |
| 300-399 | Redirection | Further action needed to complete request | 301 Moved, 302 Found, 304 Not Modified |
| 400-499 | Client Error | Request contains an error from the client side | 400 Bad Request, 401 Unauthorized, 404 Not Found |
| 500-599 | Server Error | Server failed to fulfil a valid request | 500 Internal Error, 502 Bad Gateway, 503 Unavailable |
What this means for you: If you're debugging an issue, the first digit tells you where to look. 4xx = your request has a problem (check your code). 5xx = the server has a problem (check logs or wait for the service to recover).
The Status Codes That Trip People Up
401 vs 403
401 means "I don't know who you are", send credentials. 403 means "I know who you are, but you're not allowed." The fix for 401 is authentication. The fix for 403 is authorisation (different permissions).
301 vs 302 vs 307
301 is permanent (search engines transfer SEO value). 302 is temporary (keep indexing the original URL). 307 is like 302 but guarantees the HTTP method doesn't change, critical for POST requests that shouldn't become GETs.
400 vs 422
400 means the request is malformed, bad JSON, missing required headers. 422 means the request is valid but the data doesn't make sense, like submitting a form with an email field containing "not-an-email". Use 422 for validation errors.
502 vs 503 vs 504
502 means a proxy/gateway got a bad response from the upstream server. 503 means the server is overloaded or in maintenance. 504 means the upstream server didn't respond in time. All three mean "try again later," but the root cause differs.
SEO Impact of Status Codes
| Code | SEO Effect | Best Practice |
|---|---|---|
| 200 | Page indexed normally | Return for all valid, indexable pages |
| 301 | SEO value transfers to new URL (90-99%) | Use for permanent URL changes, domain migrations |
| 302 | SEO value stays on original URL | Use for A/B tests, temporary maintenance pages |
| 404 | Page removed from index after crawls | Set up a custom 404 page, fix broken links |
| 410 | Removed from index more quickly than 404 | Use when content is permanently, deliberately removed |
| 503 | Tells crawlers to come back later | Use during planned maintenance (not for blocking bots) |
What this means for you: Using the wrong redirect code can cost you search rankings. A 302 when you meant 301 means Google keeps indexing the old URL. A 404 when you should use 301 means you lose the link equity the old page had built up.
API Design: Choosing the Right Code
| Scenario | Code | Why Not Something Else |
|---|---|---|
| Successful creation (POST) | 201 Created | 200 works but 201 is more specific, include a Location header |
| Successful delete | 204 No Content | 200 with an empty body is confusing, 204 is unambiguous |
| Invalid form data | 422 Unprocessable Content | 400 means the request itself is broken (bad JSON), not the data |
| Resource already exists | 409 Conflict | More descriptive than 400, tells the client to resolve the conflict |
| Rate limited | 429 Too Many Requests | Include a Retry-After header so clients know when to try again |
Headers That Often Matter Too
A status code tells the client what happened. Response headers often tell the client what to do next, how long to cache, where to redirect, or when to retry.
| Status | Useful Header | What It Adds |
|---|---|---|
| 201 Created | Location | Points to the newly created resource |
| 301 or 308 | Location | Tells the client where the permanent redirect goes |
| 304 Not Modified | ETag | Confirms which cached version the client can keep using |
| 401 Unauthorized | WWW-Authenticate | Explains the authentication scheme expected by the server |
| 429 Too Many Requests | Retry-After | Gives the client a wait time before trying again |
| 503 Service Unavailable | Retry-After | Signals temporary downtime rather than permanent failure |
Debugging by Status Family
2xx success but wrong data
Check caching, request parameters, and response body shape. A successful status code means the server accepted the request, not that the client asked the right question.
3xx redirect loop
Inspect each Location header. Loops often come from mixed HTTP/HTTPS rules, trailing slash rewrites, or proxies adding headers the app does not expect.
4xx client errors
Reproduce with the same URL, headers, method, body, and credentials. A missing auth header can look very different from a malformed JSON body.
5xx server errors
Start with application logs, upstream health, deploy history, and dependency outages. Retrying can help for transient failures, but repeated 5xx needs server-side investigation.
REST API Response Examples
| Action | Recommended Code | Example Body |
|---|---|---|
| Create a user | 201 Created | {"id":"usr_123","email":"[email protected]"} |
| Update settings | 200 OK | {"timezone":"Europe/London"} |
| Delete a record | 204 No Content | No body |
| Validation failed | 422 Unprocessable Content | {"errors":{"email":"Invalid address"}} |
| Rate limited | 429 Too Many Requests | {"error":"rate_limited"} |
Keep machine-readable error codes in the body when clients need to branch on the result. Human copy can change, but stable error identifiers help client code.
For public APIs, document both the status code and the response body shape so client teams can handle errors consistently.
Caching and Conditional Requests
304 saves bandwidth
A browser can ask whether a cached file has changed by sending an ETag or Last-Modified value. If the server returns 304, the browser keeps the cached copy and no body is sent.
204 is not the same as 304
204 means the request succeeded and there is no response body. 304 means the client should use a previous cached response instead.
Redirects can be cached
Permanent redirects can stick in browsers, search indexes, and caches. Test a redirect rule carefully before using 301 or 308 across a large site.
Related Tools
How to use this tool
Type a status code number or keyword in the search box
Browse results grouped by category (success, redirect, error)
Read the description to understand when and why each code is used
Common uses
- Looking up unfamiliar HTTP error codes during debugging
- Choosing the correct status code for REST API responses
- Understanding redirect types for SEO configuration
- Diagnosing server errors from monitoring alerts
Share this tool
Frequently Asked Questions
What are HTTP status codes?
What's the difference between 301 and 302?
When do I get a 429?
What's the difference between 401 and 403?
What does a 204 response mean?
What causes a 502 Bad Gateway?
Should I use 404 or 410 for removed content?
What's the story behind 418 I'm a Teapot?
When should I use 422 vs 400?
What does 304 Not Modified do?
What's the difference between 307 and 302?
How do I check HTTP status codes for my site?
Results are for general informational purposes only and should be checked before use. They are not professional advice. See our Disclaimer and Terms of Service.