I found an "abandoned" subdomain of WePay that can be taken over, thus vulnerable to Subdomain takeover. I reported it to Wepay and fixed it after 2 hours (which is pretty fast). The vulnerable site was staging.wepay.com. If youre gonna visit that site, you will encounter an error saying "Unknown domain:staging.wepay.com" indicating that nobody owns that domain and anyone can take and register it to a hosting site. The CNAME/is pointing to Fastly.