| 100 | Continue | The server has received the request headers and the client should proceed to send the request body. Used when the client sends a preflight request with the Expect header to check if the server can handle the upcoming payload. | Informational |
| 101 | Switching Protocols | The server is switching protocols as requested by the client via the Upgrade header. Commonly used when upgrading from HTTP to WebSocket connections. | Informational |
| 102 | Processing | The server has received and is processing the request, but no response is available yet. Defined for WebDAV to indicate that a long-running operation is still in progress. | Informational |
| 103 | Early Hints | Used to return link headers that the client can start preloading while the server prepares the final response. Helps reduce perceived latency by allowing browsers to fetch critical resources like stylesheets and scripts early. | Informational |
| 200 | OK | The request succeeded. The meaning of the success depends on the HTTP method used: GET retrieves a resource, POST creates or processes data, PUT updates a resource, and DELETE removes a resource. | Success |
| 201 | Created | The request succeeded and a new resource was created. Typically returned after a POST request that results in the creation of a new record, such as submitting a form or creating a new user. | Success |
| 202 | Accepted | The request has been accepted for processing, but the processing has not been completed. Used for asynchronous operations where the server queues the work and the client should check back later for the result. | Success |
| 203 | Non-Authoritative Information | The returned metadata is not from the origin server but from a local or third-party copy. The payload may be a modified version of the original response, such as when a proxy transforms content. | Success |
| 204 | No Content | The request succeeded but there is no content to return in the response body. Commonly used for successful DELETE requests or PUT/PATCH updates where no response body is needed. | Success |
| 205 | Reset Content | The server asks the client to reset the document view, such as clearing a form after submission. Unlike 204, this specifically instructs the browser to reset the active input fields. | Success |
| 206 | Partial Content | The server is delivering only part of the resource due to a range header sent by the client. Used for resuming interrupted downloads or streaming media files in chunks. | Success |
| 207 | Multi-Status | Conveys information about multiple resources in situations where multiple status codes might be appropriate. Used in WebDAV to report results for multiple operations within a single response. | Success |
| 208 | Already Reported | Used in WebDAV to avoid enumerating the internal members of multiple bindings to the same collection repeatedly. Indicates that the contents have already been reported in a previous response. | Success |
| 226 | IM Used | The server has fulfilled a GET request for the resource, and the response represents the result of instance manipulation applied to the current instance. Used with delta encoding to indicate the response is a delta transformation. | Success |
| 300 | Multiple Choices | The requested resource has multiple representations, each with a different URI. The client can choose one via user agent selection or the server may provide a preferred choice. | Redirection |
| 301 | Moved Permanently | The resource has been permanently moved to a new URI. Browsers and search engines should update their references to the new URL. This redirect is cacheable and the HTTP method may change to GET. | Redirection |
| 302 | Found | The resource resides temporarily under a different URI. Originally meant for temporary redirects, but widely implemented as a method-changing redirect (POST becomes GET). Use 307 for guaranteed method preservation. | Redirection |
| 303 | See Other | The response to the request can be found at another URI using a GET method. Commonly used after a form POST to redirect the client to a confirmation page, ensuring the redirect always uses GET. | Redirection |
| 304 | Not Modified | Indicates that the resource has not been modified since the version specified by the request headers. Allows caches to reuse a previously stored response without re-downloading content. | Redirection |
| 307 | Temporary Redirect | The resource is temporarily available at a different URI, and the client must preserve the original HTTP method when redirecting. Unlike 302, this guarantees the method does not change (POST stays POST). | Redirection |
| 308 | Permanent Redirect | The resource has been permanently moved to a new URI, and the client must preserve the original HTTP method when redirecting. Unlike 301, this guarantees the method does not change (POST stays POST). | Redirection |
| 400 | Bad Request | The server cannot process the request due to something perceived as a client error. This includes malformed request syntax, invalid message framing, or deceptive request routing. | Client Error |
| 401 | Unauthorized | The request requires user authentication. The response must include a WWW-Authenticate header field with a challenge applicable to the requested resource. Despite the name, this is about authentication, not authorization. | Client Error |
| 402 | Payment Required | Reserved for future use. Originally intended for digital payment systems, but no conventional use has been established. Some services use it to indicate a subscription or payment is required to access the resource. | Client Error |
| 403 | Forbidden | The server understood the request but refuses to authorize it. Unlike 401, authentication will not help. The client does not have access rights to the content, and re-authenticating will make no difference. | Client Error |
| 404 | Not Found | The server cannot find the requested resource. This is the most common error on the web and typically means the URL is wrong or the resource has been deleted. Browsers display this as the familiar "page not found" screen. | Client Error |
| 405 | Method Not Allowed | The request method is not supported by the target resource. For example, sending a DELETE request to a read-only endpoint. The response should include an Allow header listing the permitted methods. | Client Error |
| 406 | Not Acceptable | The server cannot produce a response matching the list of acceptable values defined in the request Accept headers. The client requested a content type or encoding that the server does not support for this resource. | Client Error |
| 407 | Proxy Authentication Required | Similar to 401, but the client must first authenticate with a proxy. The response must include a Proxy-Authenticate header field with a challenge applicable to the proxy for the requested resource. | Client Error |
| 408 | Request Timeout | The server did not receive a complete request within the time it was prepared to wait. The client may repeat the request without modifications at a later time. | Client Error |
| 409 | Conflict | The request cannot be completed due to a conflict with the current state of the target resource. Commonly occurs when trying to create a resource that already exists or update a resource with stale data. | Client Error |
| 410 | Gone | The resource is no longer available and no forwarding address is known. Similar to 404 but indicates the resource was intentionally removed and is permanently gone, not just temporarily missing. | Client Error |
| 411 | Length Required | The server refuses to accept the request without a defined Content-Length header. The client must provide a valid Content-Length when sending a request with a body. | Client Error |
| 412 | Precondition Failed | One or more conditions given in the request headers evaluated to false. Typically occurs when an If-Match or If-Unmodified-Since header does not match the server state, preventing conditional requests from proceeding. | Client Error |
| 413 | Content Too Large | The request payload is larger than the server is willing or able to process. The server may close the connection to prevent the client from continuing to send data, or return a Retry-After header for later attempts. | Client Error |
| 414 | URI Too Long | The request-target is longer than the server is willing to interpret. Often occurs when a GET request encodes too much data in the query string, and the client should convert it to a POST request instead. | Client Error |
| 415 | Unsupported Media Type | The server refuses the request because the payload format is not supported. The Content-Type header specifies a media type that the server does not understand or will not accept for this endpoint. | Client Error |
| 416 | Range Not Satisfiable | The requested range cannot be satisfied by the server. The byte range specified in the Range header does not overlap with the available resource, and the server provides the valid range in a Content-Range header. | Client Error |
| 417 | Expectation Failed | The expectation given in the Expect header could not be met by the server. Most commonly occurs when a client sends an Expect: 100-continue header that the proxy or server does not support. | Client Error |
| 418 | I'm a Teapot | The server refuses to brew coffee because it is, permanently, a teapot. This is an Easter egg from RFC 2324 and is sometimes used as a playful rejection when a client requests something the endpoint was never designed to handle. | Client Error |
| 421 | Misdirected Request | The request was directed at a server that is not able to produce a response. This occurs in HTTP/2 when a connection is reused for a different authority than the one the client intended, requiring the client to retry on a new connection. | Client Error |
| 422 | Unprocessable Content | The server understands the content type and syntax but cannot process the instructions. Commonly returned by APIs when validation fails, such as missing required fields or values that violate business rules. | Client Error |
| 423 | Locked | The source or destination resource of a method is locked. Defined for WebDAV to indicate that the requested action cannot be performed because the resource is locked by another user or process. | Client Error |
| 424 | Failed Dependency | The method could not be performed because the requested action depended on another action that itself failed. Used in WebDAV when a parent request fails and dependent child requests cannot proceed. | Client Error |
| 425 | Too Early | The server is unwilling to risk processing a request that might be a replay of an earlier request. Defined for TLS 1.3 to protect against replay attacks when early data (0-RTT) is used. | Client Error |
| 426 | Upgrade Required | The server refuses to perform the request using the current protocol. The client must upgrade to a different protocol as indicated by the Upgrade header in the server response. | Client Error |
| 428 | Precondition Required | The server requires the request to be conditional to prevent lost updates. The client must include an If-Match or If-Unmodified-Since header to ensure it is working with the latest version of the resource. | Client Error |
| 429 | Too Many Requests | The client has sent too many requests in a given amount of time. The server includes a Retry-After header indicating how long the client should wait before making another request. Used for API rate limiting. | Client Error |
| 431 | Request Header Fields Too Large | The server is unwilling to process the request because the header fields are too large. Reducing the size of the request headers or increasing the server header buffer size may resolve the issue. | Client Error |
| 451 | Unavailable For Legal Reasons | The server is denying access to the resource as a consequence of a legal demand. Commonly used for content that must be blocked due to censorship, copyright claims, or court orders. The status code number is a reference to Fahrenheit 451. | Client Error |
| 500 | Internal Server Error | The server encountered an unexpected condition that prevented it from fulfilling the request. This is a generic error when no more specific message is available, and it usually indicates a bug or misconfiguration on the server. | Server Error |
| 501 | Not Implemented | The server does not support the functionality required to fulfill the request. Commonly returned when the HTTP method is not recognized or when the server lacks the capability to handle the requested action. | Server Error |
| 502 | Bad Gateway | The server, acting as a gateway or proxy, received an invalid response from an upstream server. This typically means the origin server is down, unreachable, or returned a malformed response that the gateway cannot process. | Server Error |
| 503 | Service Unavailable | The server is temporarily unable to handle the request due to overload or scheduled maintenance. The response may include a Retry-After header to indicate when the client should try again. | Server Error |
| 504 | Gateway Timeout | The server, acting as a gateway or proxy, did not receive a timely response from an upstream server. This indicates the origin server took too long to respond, and the gateway gave up waiting. | Server Error |
| 505 | HTTP Version Not Supported | The server does not support the major version of HTTP used in the request. For example, a server that only supports HTTP/1.1 cannot fulfill a request sent using HTTP/2 protocol semantics. | Server Error |
| 506 | Variant Also Negotiates | Transparent content negotiation for the request results in a circular reference. The server configuration has a negotiation loop where the chosen variant also negotiates, preventing a response from being served. | Server Error |
| 507 | Insufficient Storage | The server is unable to store the representation needed to complete the request. Defined for WebDAV to indicate that the server has run out of disk space or quota to save the requested resource. | Server Error |
| 508 | Loop Detected | The server detected an infinite loop while processing the request. Defined for WebDAV to indicate that the operation would never complete because it references itself. | Server Error |
| 510 | Not Extended | Further extensions to the request are required for the server to fulfill it. The client should resend the request with the required extensions specified in the mandatory header. | Server Error |
| 511 | Network Authentication Required | The client needs to authenticate to gain network access. Typically used by captive portals in public Wi-Fi networks to redirect the user to a login page before allowing internet access. | Server Error |
| 520 | Web Server Returns an Unknown ErrorUnofficial | The origin server returned an unexpected response to Cloudflare. This can happen when the origin web server crashes, returns an empty response, or sends headers that Cloudflare cannot parse. | Server ErrorUnofficial |
| 521 | Web Server Is DownUnofficial | Cloudflare could not negotiate a TCP handshake with the origin server. The origin web server has actively refused the connection, meaning it is down or not listening on the expected port. | Server ErrorUnofficial |
| 522 | Connection Timed OutUnofficial | Cloudflare was able to connect to the origin server but the connection timed out before a response was received. This usually means the origin server is overloaded or has network connectivity issues. | Server ErrorUnofficial |
| 523 | Origin Is UnreachableUnofficial | Cloudflare could not reach the origin server. This typically occurs when the DNS records for the domain point to an IP address that does not exist, is not routed, or has firewall rules blocking Cloudflare. | Server ErrorUnofficial |
| 524 | A Timeout OccurredUnofficial | Cloudflare was able to establish a TCP connection to the origin server but did not receive an HTTP response before the timeout expired. This usually means the origin server is too slow to respond within Cloudflare's 100-second limit. | Server ErrorUnofficial |