Professional Documents
Culture Documents
Scan Detail
Target www.six-group.com
Scan Type Full Scan
Start Time Apr 1, 2024, 3:47:46 PM GMT-7
Scan Duration 54 minutes
Requests 32462
Average Response Time 239ms
Maximum Response Time 24281ms
Application Build v23.9.230927167
1
0 1 1 1 8
Critical High Medium Low Informational
Critical 0 0
High 1 1
Medium 1 1
Low 1 1
Informational 4 8
Total 7 11
2
High Severity
Instances
Certificate is Signed Using a Weak Signature A… 1
Medium Severity
Instances
SSL Certificate Name Hostname Mismatch 1
Low Severity
Instances
Clickjacking: CSP frame-ancestors missing 1
Informational
Instances
Content Security Policy Misconfiguration 5
Generic Email Address Disclosure 1
HTTP Strict Transport Security (HSTS) Errors a… 1
Others 1
3
Impacts
SEVERITY IMPACT
4
Certificate is Signed Using a Weak Signature
Algorithm
Acunetix detected that a certificate is signed using a weak signature algorithm.
The weak signature algorithm is known to be cryptographically weak and vulnerable to collision attacks.
Impact
Attackers can observe the encrypted traffic between your website and its visitors by leveraging the use of
this vulnerability.
https://www.six-group.com/
5
45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO
UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5
O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC
bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv
GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a
77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC
hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3
92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp
Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ -----END CERTIFICATE-----
Recommendation
You'll need to generate a new certificate request, and get your CA to issue you a new certificate using SHA-2.
References
Impact
6
It can impact both website and the users:
https://www.six-group.com/
7
bS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwCAYGBACPegEHMAgGBmeBDAECAjCBxgYI
KwYBBQUHAQEEgbkwgbYwZAYIKwYBBQUHMAKGWGh0dHA6Ly9zd2lzc3NpZ24ubmV0
L2NnaS1iaW4vYXV0aG9yaXR5L2Rvd25sb2FkL0FDRDAzQUMyQzI1NzU1OTE2OTEx
Q0M3MDZBNTkzODhBOENBQzlDM0QwTgYIKwYBBQUHMAGGQmh0dHA6Ly9vY3NwLnN3
aXNzc2lnbi5uZXQvQUNEMDNBQzJDMjU3NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FD
OUMzRDCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUAVYHUwhaQNgFK6gubVzxT
8MDkOHhwJQgXL6OqHQcT0wwAAAGJRDyFBgAABAMARjBEAiAHHHYrwb7KMWb8BV9D
bezjYqpXrHDNt367Z00lQsD8awIgfudaZCFK6Ge7B7v55NIs6MydZuR/lm0ce8Sf
2DpjPEIAdQDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYlEPIOx
AAAEAwBGMEQCIHYhWahoWNtmgnSCKc9vK7JhwuYHVxyz8XESUR9uQkYfAiBuGU6r
zrgjpSC8bX5iodFSIID2v5bS1/gPbWriL+zgCQB3AO7N0GTV2xrOxVy3nbTNE6Iy
h0Z8vOzew1FIWUZxH7WbAAABiUQ8hZ8AAAQDAEgwRgIhAODz1iw5UJxeGzlk5uWW
lp4I9gPFIDLAf2KQC9BrGYufAiEA+QqVWGb8b4XaFT4XkCQyx/6oiIJKOsPo30YD
KGgoqYUwDQYJKoZIhvcNAQELBQADggIBAL4z6/ghYija60g0uMR8G1yzVCnwIUtc
c0mlMua6dyyKxOkOJyUc1N9NxlrjY3QeohzrHsH0rFpQbH/OcigXNO0KHWLdaHV+
NZAu0YOGESZKu7z5yv0hIk5iELqsjW4HDmXUrhCWUAJ/qzt0DzuqLBTae0u+Pqo3
/c9i2TeyDsoRwvZfTfIlRCJXNYnaEOHuY8jj5z5R7pezdlBDV9DL/L/IEaHk+2HS
MRCK3qAf67cngRE8Y4KDXgBvHQ6cCo/7bHODDwhnESr3SGIk1n4T+b2M/kyi6skQ
R1otuE1VLZCuppD5hgJaAIuW6D/NwG/B2rXPghAyZpU5UKVTjYTJ9nmR5IPEms33
M8UY1Bc6vEYm/Y9mEV9tj2ZarBLnBjTx9rOmRRz1W3E212Dc72Vg3QbLGCc14oAF
kHHD2A/C3w6NrtXEgxGZj3Vqbeis8CHL0L3wAzA5Y+SPYfmShAps0yao83e2oxJx
CPH+wn/MQ57gA5/gT6V9i/wLF+NUAoJO3Zra8+NUN9iasX76e07FRoWXQgJu/+ky
ElCki6fNtPkhIp3AzyGD0D3sq5E/KBZtHr/ffzv2vK3l/fDeoCf75WgIE4O51C5y
C1sCY+4ae4fZJKuKg2BTplgM6ToDyqzf3GmiuqH0HS/X6nBfbKul8sSZiMVLCwDw /TBZXqfLjI9k -----END
CERTIFICATE-----
Recommendation
The process of fixing name-hostname mismatch issues varies depending on the host or the certificate
authority used. Please refer to the corresponding documentation.
References
What Is an SSL Common Name Mismatch Error and How Do I Fix It?
https://www.globalsign.com/en/blog/what-is-common-name-mismatch-error
8
The server didn't return a frame-ancestors directive in the Content-Security-Policy header which means
that this website could be at risk of a clickjacking attack. The frame-ancestors directives can be used to
indicate whether or not a browser should be allowed to render a page inside a frame. Sites can use this to
avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.
Impact
The impact depends on the affected web application.
https://www.six-group.com/
Paths without CSP frame-ancestors:
https://www.six-group.com/errorpages/assets/fonts/fontawesome/
https://www.six-group.com/assets/fonts/
https://www.six-group.com/sitemap.xml.gz
https://www.six-group.com/en/home.html
https://www.six-group.com/assets/
https://www.six-group.com/en/
https://www.six-group.com/errorpages/assets/fonts/fontawesome/assets/
https://www.six-group.com/errorpages/
https://www.six-group.com/errorpages/assets/images/
https://www.six-group.com/errorpages/assets/fonts/icons/
https://www.six-group.com/errorpages/assets/
https://www.six-group.com/errorpages/assets/fonts/
https://www.six-group.com/.htpasswd
https://www.six-group.com/.passwd
https://www.six-group.com/account
https://www.six-group.com/account.asp
https://www.six-group.com/account.aspx
9
https://www.six-group.com/account.jsp
https://www.six-group.com/account.php
https://www.six-group.com/admin.htm
https://www.six-group.com/admin.html
Request
GET /errorpages/assets/fonts/fontawesome/ HTTP/1.1
Referer: https://www.six-group.com/
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/117.0.0.0 Safari/537.36
Host: www.six-group.com
Connection: Keep-alive
Recommendation
Configure your web server to include a CSP header with frame-ancestors directive and an X-Frame-Options
header. Consult Web references for more information about the possible values for this header.
References
OWASP Clickjacking
https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html
CSP: frame-ancestors
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors
Impact
Consult References for more information.
10
https://www.six-group.com/ Verified
Request
GET /errorpages/assets/fonts/fontawesome/ HTTP/1.1
Referer: https://www.six-group.com/
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/117.0.0.0 Safari/537.36
Host: www.six-group.com
Connection: Keep-alive
https://www.six-group.com/ Verified
Request
GET /errorpages/assets/fonts/fontawesome/ HTTP/1.1
Referer: https://www.six-group.com/
11
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/117.0.0.0 Safari/537.36
Host: www.six-group.com
Connection: Keep-alive
https://www.six-group.com/ Verified
Request
GET /admin.htm HTTP/1.1
Referer: https://www.six-group.com/
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/117.0.0.0 Safari/537.36
Host: www.six-group.com
Connection: Keep-alive
12
https://www.six-group.com/ Verified
Request
GET /admin.htm HTTP/1.1
Referer: https://www.six-group.com/
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/117.0.0.0 Safari/537.36
Host: www.six-group.com
Connection: Keep-alive
https://www.six-group.com/ Verified
13
CSP Value: default-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.twitter.com assets.juicer.io
cdns.eu1.gigya.com cdn.cookielaw.org cdn.knightlab.com code.jquery.com connect.facebook.net
geolocation.onetrust.com munchkin.marketo.net optanon.blob.core.windows.net snap.licdn.com static.ads-
twitter.com www.buzzsprout.com *.googletagmanager.com www.google.com www.googleadservices.com
www.gstatic.com www.youtube.com *.analytics.google.com *.google-analytics.com *.googleapis.com 505-
xng-882.mktoweb.com 636-tke-312.mktoweb.com fonts.googleapis.com info.six-group.com
info.finanzmuseum.ch info.ebill.ch accounts.eu1.gigya.com adservice.google.com ad.doubleclick.net
cookies-data.onetrust.io graph.facebook.com info-sandbox.six-group.com privacyportal-ch.onetrust.com
*.g.doubleclick.net www.juicer.io 505-xng-882.mktoresp.com 636-tke-312.mktoresp.com 505-xng-
882.mktoutil.com 636-tke-312.mktoutil.com www.six-structured-products.com *.google.com *.google.ad
*.google.at *.google.com.au *.google.be *.google.ca *.google.ch *.google.de *.google.dk *.google.es
*.google.fi *.google.fr *.google.gr *.google.com.hk *.google.ie *.google.im *.google.is *.google.it
*.google.co.jp *.google.li *.google.lu *.google.nl *.google.no *.google.pt *.google.se *.google.com.sg
*.google.sm *.google.co.uk www.schweizeraktien.net fonts.gstatic.com data: cdnapisec.kaltura.com
googleads.g.doubleclick.net player.vimeo.com *.transistor.fm www.facebook.com www.federli.ch
www.youtube-nocookie.com *.fls.doubleclick.net anchor.fm podcasters.spotify.com; img-src https: data:;
report-uri /api/six/cspreport; report-to csp-endpoint;
CSP Source: header
Summary: Acunetix detected that scheme URI was used in CSP directive.
Impact: This means that scheme URI in script-src (http: or https:) allows the execution of unsafe scripts.
Remediation: Replace the scheme URI with the domain that you trust.
References:
N/A
Request
GET /admin.htm HTTP/1.1
Referer: https://www.six-group.com/
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/117.0.0.0 Safari/537.36
Host: www.six-group.com
Connection: Keep-alive
Recommendation
See alert details for available remediation advice.
References
14
Generic Email Address Disclosure
One or more email addresses have been found on this website. The majority of spam comes from email
addresses harvested off the internet. The spam-bots (also known as email harvesters and email extractors)
are programs that scour the internet looking for email addresses on any website they come across.
Spambot programs look for strings like myname@mydomain.com and then record any addresses found.
Impact
Email addresses posted on Web sites may attract spam.
https://www.six-group.com/
Emails found:
https://www.six-group.com/errorpages/assets/fonts/fontawesome/
internet@six-group.com
https://www.six-group.com/assets/fonts/
internet@six-group.com
https://www.six-group.com/sitemap.xml.gz
internet@six-group.com
https://www.six-group.com/en/home.html
internet@six-group.com
https://www.six-group.com/assets/
internet@six-group.com
https://www.six-group.com/en/
internet@six-group.com
https://www.six-group.com/errorpages/assets/fonts/fontawesome/assets/
internet@six-group.com
https://www.six-group.com/errorpages/
internet@six-group.com
https://www.six-group.com/errorpages/assets/images/
internet@six-group.com
https://www.six-group.com/errorpages/assets/fonts/icons/
internet@six-group.com
https://www.six-group.com/errorpages/assets/
internet@six-group.com
https://www.six-group.com/errorpages/assets/fonts/
internet@six-group.com
https://www.six-group.com/.htpasswd
internet@six-group.com
15
https://www.six-group.com/.passwd
internet@six-group.com
https://www.six-group.com/account
internet@six-group.com
https://www.six-group.com/account.asp
internet@six-group.com
https://www.six-group.com/account.aspx
internet@six-group.com
https://www.six-group.com/account.jsp
internet@six-group.com
https://www.six-group.com/account.php
internet@six-group.com
https://www.six-group.com/ajax.php
internet@six-group.com
https://www.six-group.com/de/services/404.html
internet@six-group.com
Request
GET /errorpages/assets/fonts/fontawesome/ HTTP/1.1
Referer: https://www.six-group.com/
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/117.0.0.0 Safari/537.36
Host: www.six-group.com
Connection: Keep-alive
Recommendation
Check references for details on how to solve this problem.
References
Anti-spam techniques
https://en.wikipedia.org/wiki/Anti-spam_techniques
16
strict as is typically advisable.
Impact
HSTS can be used to prevent and/or mitigate some types of man-in-the-middle (MitM) attacks
https://www.six-group.com/
URLs where HSTS configuration is not according to best practices:
Request
GET /errorpages/assets/fonts/fontawesome/ HTTP/1.1
Referer: https://www.six-group.com/
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/117.0.0.0 Safari/537.36
Host: www.six-group.com
Connection: Keep-alive
Recommendation
It is recommended to implement best practices of HTTP Strict Transport Security (HSTS) in your web
application. Consult web references for more information.
17
References
hstspreload.org
https://hstspreload.org/
MDN: Strict-Transport-Security
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
Third-party resources (such as scripts and stylesheets) can be manipulated. An attacker that has access or
has hacked the hosting CDN can manipulate or replace the files. SRI allows developers to specify a base64-
encoded cryptographic hash of the resource to be loaded. The integrity attribute containing the hash is
then added to the <script> HTML element tag. The integrity string consists of a base64-encoded hash,
followed by a prefix that depends on the hash algorithm. This prefix can either be sha256, sha384 or sha512.
The script loaded from the external URL specified in the Details section doesn't implement Subresource
Integrity (SRI). It's recommended to implement Subresource Integrity (SRI) for all the scripts loaded from
external hosts.
Impact
An attacker that has access or has hacked the hosting CDN can manipulate or replace the files.
https://www.six-group.com/admin.htm
Pages where SRI is not implemented:
https://www.six-group.com/admin.htm
Script SRC: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Request
GET /admin.htm HTTP/1.1
Referer: https://www.six-group.com/
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
18
Chrome/117.0.0.0 Safari/537.36
Host: www.six-group.com
Connection: Keep-alive
Recommendation
Use the SRI Hash Generator link (from the References section) to generate a <script> element that
implements Subresource Integrity (SRI).
For example, you can use the following <script> element to tell a browser that before executing the
https://example.com/example-framework.js script, the browser must first compare the script to the
expected hash, and verify that there's a match.
<script src="https://example.com/example-framework.js"
integrity="sha384-oqVuAfXRKap7fdgcCY5uykM6+R9GqQ8K/uxy9rx7HNQlGYl1kPzQho1wx4JwY8wC"
crossorigin="anonymous"></script>
References
Subresource Integrity
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
19
Coverage
https://www.six-group.com
api
six
cspreport
.DS_Store
.htpasswd
.listing
.passwd
.user.ini
admin.htm
admin.html
admin.php
api.bak
api.cfg
api.csv
api.dump
api.ini
api.old
api.ost
api.pst
api.sh
api.sln
authorized_keys
bigdump.php
customers.csv
database.csv
databases.yml
db.csv
dead.letter
debug.php
environment.rb
20
global.asa.bak
global.asa.old
global.asa.orig
global.asa.temp
global.asa.tmp
global.asax.bak
global.asax.old
global.asax.orig
global.asax.temp
global.asax.tmp
htaccess.bak
id_dsa
log.htm
log.html
logs.htm
logs.html
members.csv
orders.csv
php.ini
phpliteadmin.php
propel.ini
sales.csv
schema.yml
service.asmx
test.asp
test.aspx
test.chm
test.htm
test.html
test.jsp
test.php
users.csv
users.db
21
users.ini
validator.php
web.config.bak
web.config.bakup
web.config.old
web.config.temp
web.config.tmp
webstats.html
wwwstats.htm
assets
fonts
bin
search
autocomplete
content
dam
six
layout
meta
six
global
es
services
search
dam
images
career
layout
meta
de
blog
company-growth.html
crypto.html
currency-codes.html
22
financial-data.html
financial-market-infrastructure.html
payment-transactions.html
people-and-culture.html
six-annual-report-2023.html
stock-exchanges.html
what-is-the-smi.html
why-you-need-climate-data.html
careers
apprentices
career-insights.html
commercial-apprenticeship.html
digital-business-developer-apprenticeship.html
it-apprenticeship.html
mediamatic-apprenticeship.html
schools.html
contacts
human-resources.html
discover
benefits-personal-growth.html
diversity-at-six.html
employees.html
professionals
it-careers.html
jobs-poland.html
jobs-spain.html
students-graduates
graduate-program.html
internship.html
working-students.html
apprentices.html
discover.html
jobs.html
23
professionals.html
students-graduates.html
company
contacts
head-office.html
governance
board-of-directors.html
compliance.html
executive-board.html
monitoring-and-regulation.html
risk-management.html
security.html
investors
annual-reporting.html
the-future-of-finance-is-now
research-reports.html
six-fintech-ventures.html
awards.html
events.html
governance.html
investors.html
procurement.html
sustainability.html
the-future-of-finance-is-now.html
contacts
banking-services.html
financial-information.html
securities-services.html
swiss-stock-exchange.html
market-data
bonds.html
data-services.html
etfs.html
24
etps.html
indices.html
mutual-funds.html
news-and-tools.html
shares.html
statistics.html
structured-products.html
newsroom
contacts
press-office.html
magazines
archive.html
pay-magazine.html
podcasts
six-podcast.html
swiss-exchange-podcast.html
imagery.html
magazines.html
media-contacts.html
media-releases.html
news.html
podcasts.html
red-newsletter.html
products-services
banking-services
data-ai
ai-outlook.html
atm-services.html
billing-and-payments.html
blink.html
data-ai.html
debit-and-mobile-services.html
interbank-clearing.html
25
payment-standardization.html
financial-information
display-and-delivery-capabilities.html
esg-data.html
indices.html
reference-pricing-data.html
regulatory-services.html
securities-services
clearing.html
download-center.html
securities-finance.html
settlement-and-custody.html
tax-services.html
trade-repository.html
specialized-offerings
conventionpoint.html
finanzmuseum.html
terravis.html
the-swiss-stock-exchange
education.html
listing.html
market-data.html
trading.html
banking-services.html
financial-information.html
securities-services.html
spanish-stock-exchange.html
specialized-offerings.html
the-swiss-stock-exchange.html
services
legal
cookie-policy.html
privacy-statement.html
26
terms-of-use.html
404.html
search.html
blog.html
careers.html
company.html
contacts.html
home.html
market-data.html
newsroom.html
products-services.html
en
careers
apprentices
career-insights.html
commercial-apprenticeship.html
digital-business-developer-apprenticeship.html
it-apprenticeship.html
mediamatic-apprenticeship.html
schools.html
contacts
human-resources.html
discover
benefits-personal-growth.html
diversity-at-six.html
employees.html
professionals
it-careers.html
jobs-poland.html
jobs-spain.html
students-graduates
graduate-program.html
internship.html
27
working-students.html
apprentices.html
discover.html
jobs.html
professionals.html
students-graduates.html
company
contacts
head-office.html
governance
board-of-directors.html
compliance.html
executive-board.html
monitoring-and-regulation.html
risk-management.html
security.html
investors
annual-reporting.html
the-future-of-finance-is-now
research-reports.html
six-fintech-ventures.html
awards.html
events.html
governance.html
investors.html
procurement.html
sustainability.html
the-future-of-finance-is-now.html
contacts
banking-services.html
financial-information.html
securities-services.html
swiss-stock-exchange.html
28
market-data
bonds.html
data-services.html
etfs.html
etps.html
indices.html
mutual-funds.html
news-and-tools.html
shares.html
statistics.html
structured-products.html
newsroom
contacts
press-office.html
magazines
archive.html
pay-magazine.html
podcasts
six-podcast.html
swiss-exchange-podcast.html
imagery.html
magazines.html
media-contacts.html
media-releases.html
news.html
podcasts.html
red-newsletter.html
products-services
banking-services
atm-services
managed-services
cash-management.html
monitoring.html
transaction-processing
29
nfc.html
qr-code.html
atm-outsourcing.html
managed-services.html
transaction-processing.html
billing-and-payments
ebill-dd-project
financial-institutions.html
invoice-issuers.html
invoice-recipients.html
network-partners.html
direct-debits.html
ebill-dd-project.html
ebill.html
instant-payments.html
member-section.html
newsletter.html
payment-standards.html
qr-bill.html
scheme-on-scheme.html
data-ai
advanced-analytics.html
ai-outlook.html
payment-enrichment.html
debit-and-mobile-services
digital-services.html
issuer-services.html
issuing-processing.html
license-sponsoring.html
new-debit-products.html
six-account-gateway.html
interbank-clearing
eurosic
30
payments-ch-li.html
payments-euro-zone.html
sepa-payments.html
online-services
download-bank-master.html
inquiry-iid.html
system-status.html
eurosic.html
info-center.html
online-services.html
sic.html
payment-standardization
downloads-faq
download-center.html
faq.html
glossary.html
expertise
mandates.html
tools.html
standards
ebics.html
iban.html
iso-20022.html
qr-bill.html
sepa.html
downloads-faq.html
expertise.html
standards.html
swiss-payments.html
atm-services.html
billing-and-payments.html
blink.html
data-ai.html
31
debit-and-mobile-services.html
interbank-clearing.html
payment-standardization.html
financial-information
display-and-delivery-capabilities
apid.html
ips.html
mdf.html
regulatory-hub.html
six-api.html
six-connect.html
sixflex.html
sixid.html
vdf.html
esg-data
esg-data-hub.html
esg-regrisk-management.html
esg-solutions.html
indices-esg.html
indices
benchmark-regulation.html
crypto-indices.html
customized-indices.html
nordic-indices.html
swiss-indices.html
reference-pricing-data
corporate-actions-data.html
evaluated-pricing.html
fund-data.html
global-market-data.html
reference-data.html
regulatory-services
esg-regrisk-management.html
32
investor-protection.html
reporting-services.html
tax-and-compliance.html
display-and-delivery-capabilities.html
esg-data.html
indices.html
reference-pricing-data.html
regulatory-services.html
securities-services
clearing
clearing-membership.html
clearing-products.html
info-center.html
redirect.html
securities-finance
collateral-cockpit.html
info-center.html
repo.html
securities-lending-borrowing.html
triparty-collateral-management.html
settlement-and-custody
asset-servicing.html
global-fund-services.html
info-center.html
international-custody.html
issuer-services.html
settlement-and-t2s.html
swiss-custody.html
technical-connectivity.html
tax-services
advanced-tax-services.html
regulatory-tax-services.html
standard-tax-services.html
33
trade-repository
info-center.html
clearing.html
download-center.html
securities-finance.html
settlement-and-custody.html
tax-services.html
trade-repository.html
specialized-offerings
conventionpoint.html
finanzmuseum.html
terravis.html
the-swiss-stock-exchange
education
advanced-training.html
contacts.html
course-finder.html
derivatives-fundamentals.html
derivatives-master.html
equity-issuers.html
financial-markets.html
post-trading.html
pre-ipo.html
trading.html
listing
bonds.html
connexor.html
download-center.html
equities.html
etfs-etps-and-funds.html
structured-products.html
market-data
bonds.html
34
data-services.html
etf.html
etp.html
indices.html
mutual-funds.html
news-tools.html
shares.html
statistics.html
structured-products.html
trading
download-center.html
markets.html
participation.html
sustainability.html
trading-platform.html
trading-provisions.html
education.html
listing.html
market-data.html
trading.html
banking-services.html
financial-information.html
securities-services.html
spanish-stock-exchange.html
specialized-offerings.html
the-swiss-stock-exchange.html
services
legal
cookie-policy.html
privacy-statement.html
terms-of-use.html
404.html
search.html
35
blog.html
careers.html
company.html
contacts.html
home.html
market-data.html
newsroom.html
products-services.html
errorpages
assets
fonts
fontawesome
assets
fonts
icons
images
es
services
404.html
blog.html
home.html
etc.clientlibs
ihcc
components
list
newest_pages_list
assets
fonts
clientlibs.min.ACSHASH224cf70db02f020052852a2a9e41c627.css
libs
clientlibs-sixheadlibs.min.ACSHASHc9668fd2aecc0ecce259fcfbe70ed5f2.js
saas-aem-module
clientlibs
assets
36
fonts
clientlib-base.min.ACSHASHeeb19a6356227ee734443fa98c6b44d8.js
clientlib-dependencies.min.ACSHASHd41d8cd98f00b204e9800998ecf8427e.css
clientlib-dependencies.min.ACSHASHd41d8cd98f00b204e9800998ecf8427e.js
etc
designs
ihcc
images
icons
sixwebv2
build
images
logos
scripts
sixwebv2.min.ACSHASHa17bdb4595950f0127acc7a30da421cc.js
styles.min.ACSHASH44c1dbc6fc0ef25ce984b0b388758980.css
fr
products-services
banking-services
data-ai
ai-outlook.html
services
404.html
blog.html
it
services
404.html
.htpasswd
.passwd
account
account.asp
account.aspx
account.jsp
37
account.php
admin.htm
admin.html
admin.php
ajax.php
api.aspx
api.jsp
api.php
bigdump.php
cache
cache.asp
cache.aspx
cache.jsp
cache.php
callback
callback.asp
callback.aspx
callback.jsp
callback.php
config.php
configuration.php
cp
cp.asp
cp.aspx
cp.jsp
cp.php
customers
customers.asp
customers.aspx
customers.csv
customers.jsp
customers.php
database
38
database.asp
database.aspx
database.csv
database.jsp
database.php
databases.yml
db.csv
debug.php
download
download.asp
download.aspx
download.jsp
download.php
export
export.asp
export.aspx
export.jsp
export.php
file_manager
file_manager.asp
file_manager.aspx
file_manager.jsp
file_manager.php
file_upload
file_upload.asp
file_upload.aspx
file_upload.jsp
file_upload.php
files
files.asp
files.aspx
files.jsp
files.php
39
fileupload
fileupload.asp
fileupload.aspx
fileupload.jsp
fileupload.php
footer
footer.asp
footer.aspx
footer.jsp
footer.php
forgot
forgot.asp
forgot.aspx
forgot.jsp
forgot.php
functions
functions.asp
functions.aspx
functions.jsp
functions.php
global.asa.bak
global.asa.old
global.asa.orig
global.asa.temp
global.asa.tmp
header
header.asp
header.aspx
header.jsp
header.php
home
home.asp
home.aspx
40
home.jsp
home.php
htaccess.bak
id_dsa
index
index.asp
index.aspx
index.jsp
index.php
info
info.asp
info.aspx
info.jsp
install
install.asp
install.aspx
install.jsp
install.php
join
join.asp
join.aspx
join.jsp
join.php
log
log.asp
log.aspx
log.jsp
log.php
login
login.asp
login.aspx
login.jsp
login.php
41