| 100 | Continue | |
| 101 | SwitchingProtocols | See also the Upgrade request header. |
| 200 | OK | |
| 201 | Created | A resource was created on the server. Typically used after POST (why?) and sometimes after PUT requests. |
| 202 | Accepted | |
| 203 | NonAuthoritativeInformation | |
| 204 | NoContent | |
| 205 | ResetContent | |
| 206 | PartialContent | |
| 300 | MultipleChoices | |
| 301 | MovedPermanently | The Location response header contains the URL to which a resource has moved. See also the -L option of curl |
| 302 | Found | War previously referred to as «Moved temporarily» |
| 303 | SeeOther | |
| 304 | Not modified | See the ETag and If-None-Matched headers. Compare with the 412 status code. |
| 308 | Permanent Redirect | described in RFC 7538 |
| 305 | UseProxy | |
| 306 | Unused | |
| 307 | TemporaryRedirect | |
| 400 | BadRequest | |
| 401 | Unauthorized | Used for authentication. Must include a WWW-Authenticate header field and a challenge. |
| 402 | PaymentRequired | |
| 403 | Forbidden | |
| 404 | Not Found | The client was able to contact the web server, but the web server was unable find the requested resource. |
| 405 | Method not allowed | |
| 406 | NotAcceptable | Might be sent if a server cannot serve a document in one of the languages requested with the Accept-Language or encodings requested with the Accept-Encoding request headers |
| 407 | Proxy Authentication Required | See also the Proxy-Authenticate and Proxy-Authorization headers. |
| 408 | RequestTimeout | |
| 409 | Conflict | |
| 410 | Gone | |
| 411 | LengthRequired | |
| 412 | Precondition Failed | 412 is returned when the ETag/If-Match mechanism detected a mid-air collision. Compare with status 304. |
| 418 | I'm a teapot | Published in RFC 2324, 1 April 1998. |
| 428 | Precondition Required | optional: clients cannot rely upon this status code to prevent «lost update» conflicts. |
| 429 | Too Many Requests | User has sent too many requests in a given amount of time (rate limiting). This status might come with a Retry-After response header. Compare with Status code 503. See also with DoD (Denial of Service) attacks. |
| 431 | Request Header Fields Too Large | server is unwilling to process the request because its header fields are too large. |
| 413 | RequestEntityTooLarge | |
| 414 | RequestUriTooLong | |
| 415 | UnsupportedMediaType | |
| 416 | RequestedRangeNotSatisfiable | |
| 417 | ExpectationFailed | |
| 426 | UpgradeRequired | |
| 500 | Internal Server Error | For example in an Apache Web Server because an .htaccess file is corrupt. |
| 501 | Not implemented | The request method is either not understood by web server, or it is not implemented in the web server. |
| 502 | Bad Gateway | A server that acts as a gateway or proxy received an invalid response from its upstream server. |
| 503 | ServiceUnavailable | Should be sent with the Retry-After response header. Compare with status code 429. |
| 504 | GatewayTimeout | |
| 505 | HttpVersionNotSupported | |
| 511 | Network Authentication Required | client needs to authenticate to gain network access. |