Several years ago the team I was on worked on a custom app for Splunk. We were on a customer call where they were receiving HTTP 402 Payment Required in their error logs and thought it was coming from our app. We explained we never implemented that error code (although I got paranoid and did triple check our code) so the conclusion was that Splunk must be returning it. Even searching the web today, it appears they never documented that but there are several Splunk community forum threads asking about HTTP 402. If you do use it, it's probably best to clearly document exactly what you want your users to pay for, and how!
