Example
Input (status code)
418
Output
418 I'm a teapot Category: 4xx Client error (joke) Description: The RFC 2324 (1998 April Fool's) joke code: "I cannot brew coffee because I am a teapot." Used as an Easter egg by Google and others.
Usage / FAQ
When to use
- Look up the meaning and category of an unfamiliar status code
- Pick the right response code for a REST API
- Settle code-review debates between 401 vs 403, 404 vs 410, etc.
- Learn the 1xx / 2xx / 3xx / 4xx / 5xx categorization
- Trace the origin of joke codes like 418 (Easter eggs)
FAQ
- Q.401 vs 403?
- A.401 Unauthorized means "I don't know who you are" — authentication needed. 403 Forbidden means "I know who you are, but you can't do this". The names are confusing — remember by the message.
- Q.404 vs 410?
- A.404 Not Found means "not here right now" (might come back). 410 Gone means "deliberately removed forever" — useful so search engines drop the URL from their index.
- Q.204 No Content vs 304 Not Modified?
- A.204 means "success, no body" (e.g. after DELETE). 304 means "your cache is fresh, no body sent". Both omit the body, but the meaning is completely different.
Fun facts
HTTP status codes are governed by RFC 9110 (2022), which consolidated and updated RFC 7231 and others. 1xx informational / 2xx success / 3xx redirection / 4xx client error / 5xx server error — the first digit is the category, the rest is the subdivision. A simple rule that has lived for 30 years.
RFC 9110 (2022)418 'I'm a teapot' was defined as an April Fools' joke in 1998 (RFC 2324, the Hyper Text Coffee Pot Control Protocol). Surprisingly, it stuck around — Cloudflare, Node.js, and others actually implement it, and it's now the go-to for 'reject this request, not seriously.'
RFC 2324 (April Fools 1998)451 'Unavailable For Legal Reasons' is a nod to Ray Bradbury's *Fahrenheit 451* (a novel about book censorship). Standardized as RFC 7725 in 2015 for content blocked by legal censorship — a rare case where the number itself is an homage to an author.
RFC 7725 (2015)
Related tools
- Base64 Encode / Decode
Encode text to Base64 or decode Base64 back to text. Runs entirely in your browser, no data sent to any server.
- URL Encode / Decode
Percent-encode text for safe use in URLs, or decode percent-encoded URLs back to text. Runs entirely in your browser.
- UUID / ULID Generator
Generate UUID v4 (random), UUID v7 (time-ordered, RFC 9562), or ULID identifiers — all client-side via crypto.
- JWT Decoder
Decode the header and payload of a JSON Web Token. Signature is not verified (a public key is required). The token is processed entirely in your browser.
- JWT Encoder (HMAC)
Generate a signed JSON Web Token with HS256/HS384/HS512 (HMAC-SHA). Payload and secret stay in your browser — Web Crypto API based.
- SHA Hash
Compute SHA-1, SHA-256, SHA-384, or SHA-512 hash of text. Uses the browser's Web Crypto API; no data is sent to any server.
- Hex Encode / Decode
Encode text to hexadecimal or decode hex back to text. Supports UTF-8 multi-byte characters and tolerates whitespace.
- HTML Entity Encode / Decode
Encode HTML special characters (&, <, >, ", ') to entities, or decode named/numeric entities back to text.
- Password Generator
Generate cryptographically strong passwords, tokens, random strings, and passphrases with entropy display.
- Number Base Converter
Convert numbers between bases (binary/octal/decimal/hex/base36) using BigInt for large integers. Auto-detects 0b/0o/0x prefixes.
- URL Parser
Decompose a URL into protocol, host, path, query parameters, and hash — read-only inspection.
- HMAC Generator
Compute HMAC (Hash-based Message Authentication Code) with SHA-1/256/384/512 using the Web Crypto API.
- HMAC Verify
Verify whether a given HMAC signature matches the message + secret. Constant-time comparison via Web Crypto API.
- MD5 Hash
Compute MD5 hash for text. Note: MD5 is broken for security — checksums and legacy compatibility only.
- Punycode (IDN)
Convert international domain names to/from Punycode (xn-- encoded ASCII). Uses native URL parser.
- User-Agent Parser
Parse User-Agent strings into browser, OS, device, and engine fields.
- Bcrypt Hash
Hash passwords with Bcrypt or verify a plaintext against an existing hash. Configurable salt rounds.
- Cookie Parser
Parse Cookie or Set-Cookie strings into a table. Decode percent-encoded values. Supports Set-Cookie attributes (Path/Domain/Max-Age/SameSite/HttpOnly/Secure).
- IP / CIDR Calculator
Compute network address, broadcast, host range, mask, and host count from an IPv4 + CIDR.
- cURL Builder
Build cURL commands from URL/method/headers/body. Auto-detects JSON content-type.