Sunday, May 22, 2016

Saving SEC (Security Exchange Commission) one Google search at a time.

Saving SEC (Security Exchange Commission) one Google search at a time.

Can't really say this was a Google dork since I wasn't querying Google with a special search string. What happened was I was searching Google with my eyes wide open. I noticed in my search results that one of the items returned did not look like it belonged. Out of curiosity, I click on it. It took me a little while to realize what I was looking at.  An SEC document that a business had submitted that includes among other data  the business's bank name, the ABA (account routing number) and the account number and names of officials at the business. Enough information to make an attempt at hacking the bank account either thru a software or social engineering vulnerability that any good hacker could try.

The vulnerability was easy enough to prevent. Using OWASP Top Ten 2013 this vulnerability is A5 Security Misconfiguration, folders where the  documents were stored had public access when the permissions should have been restricted. 

But here is the point. Easy vulnerabilities are not easy to keep in front of developers and system admins. Organizations need to keep security in front of their IT staff. One easy way to do this is support organizations like OWASP and promote them to your staff. OWASP has lots of training, chapters meeting, etc that can help keep security in front of IT folks.

How do you or who do you notify that an organization has a cyber vulnerability? In my case, this wasn't easy. The SEC has the contact webmaster link. This wasn't really a website issue. The SEC website does have contact list but nothing on that page refers you to cyber vulnerabilities issues. I finally decided to use the SEC Tips, Complaints, and referrals website. I have checked and the vulnerability has been fixed. I have not received any correspondence from the SEC thanking me or telling me the vulnerability is fix.

Questions, 
* Should organizations include a link if a visitor to the site sees something wrong with a website instead of the webmaster? 
* What about alerting an organization to any security vulnerability? 
* Should the US government and or commercial businesses have one common website to alert to for cyber issues? 

We have the CVE but it isn't designed to alert organizations of a vulnerability while keeping the information private while the vulnerability is being fix. 

* Is this something that open source project can help with?

Here is one of the documents I found. I have XXXX out information on the company, people names, and bank account information, and other IRS identifying information. I do undestand that some of the information in this document is public knowledge of a public traded company of the exchange. ABA and account number and bank names are should not be public information.

-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 2001,MIC-CLEAR
Originator-Name: webmaster@www.sec.gov
Originator-Key-Asymmetric:
 MFgwCgYEVQgBAQICAf8DSgAwRwJAW2sNKK9AVtBzYZmr6aGjlWyK3XmZv3dTINen
 TWSM7vrzLADbmYQaionwg5sDW3P6oaM5D3tdezXMm7z1T+B+twIDAQAB
MIC-Info: RSA-MD5,RSA,
 MmS+lC5NujlDHwNjUELz3rLoMclvZ1nv4FS4aXJun+eNFZUZDpGo2eb7jUUMOpEs
 +b8xOtqa7/rPIkNQdE7oGA==

<SEC-DOCUMENT>0001131312-07-000011.txt : 20070201
<SEC-HEADER>0001131312-07-000011.hdr.sgml : 20070201
<ACCEPTANCE-DATETIME>20070201154033
ACCESSION NUMBER: 0001131312-07-000011
CONFORMED SUBMISSION TYPE: 424B3
PUBLIC DOCUMENT COUNT: 2
FILED AS OF DATE: 20070201
DATE AS OF CHANGE: 20070201

FILER:

COMPANY DATA:
COMPANY CONFORMED NAME: XXXXX OIL & GAS
CENTRAL INDEX KEY: 0009999999
STANDARD INDUSTRIAL CLASSIFICATION: OIL AND GAS FIELD EXPLORATION SERVICES [1382]
IRS NUMBER: 200069999
STATE OF INCORPORATION: DE
FISCAL YEAR END: 1231

FILING VALUES:
FORM TYPE: 424B3
SEC ACT: 1933 Act
SEC FILE NUMBER: 333-999999
FILM NUMBER: 075999999

BUSINESS ADDRESS:
STREET 1: xxxxxxxxxxx
STREET 2: xxxxxxxxxxx
CITY: DALLAS
STATE: TX
ZIP: 9999999
BUSINESS PHONE: xxxxxxxxx

MAIL ADDRESS:
STREET 1: xxxxxxxxxx
STREET 2: xxxxxxxxxx
CITY: DALLAS
STATE: TX
ZIP: 999999
</SEC-HEADER>
<DOCUMENT>
<TYPE>424B3
<SEQUENCE>1
<FILENAME>prossup4.htm
<DESCRIPTION>SUPPLEMENT # 4
<TEXT>
<HTML>
<HEAD>
<META CONTENT="text/html; charset=windows-1252">
<META NAME="Generator" CONTENT="Microsoft Word 11.0">
<TITLE>PROSSUP4</TITLE>
</HEAD>
<BODY>
<CENTER><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=1 WIDTH=1300>
<TR><TD WIDTH="43%" VALIGN="TOP">
<P ALIGN="LEFT">Prospectus Supplement No. 4</TD>
<TD WIDTH="14% "VALIGN="TOP"></TD>
<TD WIDTH="43%" VALIGN="TOP">Filed pursuant to Rule 424(b)(3)</TD>
</TR>
<TR><TD WIDTH="43%" VALIGN="TOP">
<P ALIGN="LEFT">To Prospectus dated September 26, 2006</TD>
<TD WIDTH="14% "VALIGN="TOP"></TD>
<TD WIDTH="43%" VALIGN="TOP">File No. 333-131275</TD>
</TR>
</TABLE>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">&nbsp;</P>
<P ALIGN="LEFT">&nbsp;</P>
<B><P ALIGN="CENTER">xxxxxxxxxx, INC.</P>
</B><P ALIGN="CENTER"></P>
<P ALIGN="JUSTIFY">This document supplements the prospectus dated September 26, 2006, as supplemented on November 21, 2006, December 14, 2006 and January 9, 2007, relating to the offer and sale of a minimum of 350,000 up to a maximum of 2,000,000 shares of our common stock.  This prospectus supplement is incorporated by reference into the prospectus.  This prospectus supplement is not complete without, and may not be delivered or utilized except in connection with, the prospectus, including any amendments or supplements to the prospectus.</P>
<P ALIGN="JUSTIFY"></P>
<B><U><P ALIGN="JUSTIFY">Second Closing, Continuing Offering and Subsequent Closings</P>
</B></U><P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">Following the receipt and acceptance on January 26, 2007 of subscriptions in a total amount of $2,008,111 for 286,873 shares of our common stock pursuant to the terms of our offering subject of the prospectus, xxxxxx scheduled a second closing of the offering. All subscriptions subject to the accepted agreements were for cash.</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">The second closing took place on January 29, 2007. At the second closing xxxxxx issued 286,873 shares of its common stock in accordance with the instructions of the subscribers and issued instructions to the escrow agent to disburse proceeds of the subscriptions in the amount of $1,750,153 to the company. The remaining $227,578 of funds in the escrow account were distributed at the second closing to Network 1 Financial Services, Inc., the underwriter of the offering, in accordance with the terms of underwriting agreement as described at pages 16-17 of the prospectus ("PLAN OF DISTRIBUTION - Underwriting Agreement"), as follows: $111,719 in commissions, $55,859 of expense reimbursement and $60,000 in financial advisory and investment banking fees. At the second closing, xxxxxx also issued to the underwriters in accordance with the terms of the underwriting agreement, an Underwriter's Warrant to purchase 6,593 shares of xxxxx common stock at a price of $8.75 per share to be exercisable for a peri
od beginning six months after the final closing of the offering and expiring on December 28, 2009.</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">The offering with respect to the remaining 1,276,220 shares of xxxxx's common stock being offered pursuant to the prospectus will continue in accordance with the "PLAN OF DISTRIBUTION" as described at pages 16-18 of the prospectus until the receipt and acceptance of the maximum offering of 2,000,000 shares or March 26 (which date may be extended by us for up to an additional 60 days) whichever occurs first - unless earlier terminated. One or more interim closings may take place between the second and final closing. We have scheduled another closing for February 28, 2007 and have set February 16, 2007 as the date by which subscriptions must be received in order to be included in such closing, provided documentation is in order and funds received by the closing. Subscriptions received after the cutoff date which are not able to be closed on by the scheduled closing date will continue to be deposited in the xxxxx escrow account at Sterling Trust Company pending their acceptance and disbursement
 in the context of subsequent closings. Terms of the continuing offering will be the same as the terms prior to the second closing, with a per share price of $7.00 and a 100 share minimum.</P>
<P ALIGN="JUSTIFY"></P>
<B><U><P ALIGN="JUSTIFY">Market for Common Stock</P>
</B></U><P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">Shares of our common stock commenced trading on the American Stock Exchange on January 3, 2007 under the ticker symbol <B>ZN</B>. Since then and through the January 29, 2007 the highest sales price was $14.05 and the lowest sales price was $7.05. See Supplement No. 2 at page 2 ("American Stock Exchange Listing and Commencement of Trading").</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">Following the second closing there are approximately 2,800 holders of record of our common stock.</P>
<P ALIGN="JUSTIFY"></P>
<B><U><P ALIGN="JUSTIFY">Use of Proceeds</P>
</B></U><P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">As described above, upon our instructions at the initial closing, the escrow agent released the $2,008,111 of funds in the escrow account as follows: $227,578 to the underwriter in payment of $111,719 of commissions, $55,859 of expenses and a $60,000 financial advisory investment banking fee due underwriter in accordance with the terms of the underwriting agreement. The remaining $1,750,153 were released to the company for use by the company for the purposes and in the amounts described at pages 7-9 of the prospectus ("USE OF PROCEEDS"). These funds have been deposited in interest bearing accounts in our depository banks in the United States and xxxxx pending their use in furtherance of our plan of operations as described in the prospectus at pages 11-13 ("PLAN OF OPERATIONS AND MANAGEMENT'S DISCUSSION" "-- Basic Plan" and "-- Milestones for the Plan of Operations") and in accordance with the "USE OF PROCEEDS" section at pages 7-9 of the prospectus. </P>
<P ALIGN="JUSTIFY"></P>
<B><U><P ALIGN="JUSTIFY">Submission of Application for Asher-Menasseh Exploration License</P>
</B></U><P ALIGN="JUSTIFY"></P>
<P ALIGN="LEFT">On January 31, 2007, xxxxxx filed an application with the xxxxx Petroleum Commission for a petroleum exploration license, tentatively denominated the xxxxxxxx License, on approximately 81,000 acres north of xxxxxxx's 99,000 acre xxxxxx License. The acreage subject to application includes primarily acreage which was subject to xxxxx's xxxxxxxxxx Permit as reduced in accordance with the provisions of the xxxxxx Petroleum Law, together with a small addition of acreage abutting to the north of the lands subject to the Asher Permit. </P>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">The application was submitted in accordance with the terms of xxxx's xxxx Permit, together with xxxxx's Final Report and Prospect Identification, upon the termination of the xxxxx Permit on January 31. In the context of the<FONT SIZE=3> </FONT>application, xxxxx proposed a work program to include the acquisition of 20 kilometers of new seismic lines in the xxxxxxx (xxxxx Heights) region and the drilling of a test well, tentatively designated the xxxxxxx #1, to the Triassic formation.</P>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">xxxxx's application is subject to the review and approval of the xxxxx Petroleum Commissioner, in consultation with the statutory Petroleum Council. xxxx does not know when the Commissioner and Council will consider the application or what the results of such consideration will be.</P>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">See  the  prospectus  at  pages  43-44  ("BUSINESS AND PROPERTIES -- Properties") and at page 45 ("--xxxxxx's Petroleum Law -- Preliminary Permit" and "-- License").</P>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">A map of the lands subject to the license application overlaid on the boundaries of the xxxxx Permit and the company's xxxxxx License follows:</P>
<P ALIGN="LEFT"></P>
<P ALIGN="CENTER"><img src="image26.jpg" WIDTH=443 HEIGHT=539></P>
<P ALIGN="LEFT"></P>
<B><U><P ALIGN="JUSTIFY">Related Party Transactions</P>
</B></U><P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">On January 17, 2007, following the initial closing and in accordance with its terms, we repaid Ms. xxxxxxxxx, one of our shareholders, the $75,000 outstanding principal balance outstanding under the credit facility extended by Ms. xxxxxxx to the company, together with accrued interest thereon. See prospectus at page 30 ("CERTAIN RELATIONSHIPS AND RELATED PARTY TRANSACTIONS").</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">On January 18, 2007, following approval by the Audit Committee, we repaid xxxxxxx Resources, Inc., a company owned by xxxxxxx, our Chief Executive Officer, the remaining $32,000 principal balance outstanding under a loan facility extended by xxxxx to xxxxx, together with accrued interest thereon.. See prospectus at page 28 ("CERTAIN RELATIONSHIPS AND RELATED PARTY TRANSACTIONS").</P>
<P ALIGN="JUSTIFY"></P>
<B><U><P ALIGN="JUSTIFY">Amendment to Bylaws</P>
</B></U><P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">On January 24, 2007, our board of directors amended our bylaws by adding a provision clarifying that shares in xxxxxx did not have to be represented by physical certificates, but could be represented by book entries in our stock register only. Since the initial closing on December 29, 2006, our stock register is being maintained by our registrar and stock transfer agent, Registrar and Transfer Company Cranford, New Jersey.    See    prospectus at    page 38    ("DESCRIPTION OF SECURITIES    --  Amendments"    "-- Transfer Agent and Registrar").</P>
<P ALIGN="JUSTIFY"></P>
<B><U><P ALIGN="JUSTIFY">Modification of the Subscription Agreement</P>
<P ALIGN="JUSTIFY"></P>
</B></U><P ALIGN="JUSTIFY">The subscription agreement has been amended to read as shown on the two pages following this one.</P>
<P ALIGN="JUSTIFY"></P>
<B><P ALIGN="JUSTIFY">Investing in our common stock is very risky.  See "Risk Factors" commencing at page 2 of the prospectus to read about the risks that you should consider before buying shares of our stock.</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">Neither the U.S. Securities and Exchange Commission nor any state securities commission has approved or disapproved of these securities or determined if the prospectus or any prospectus supplement is truthful or complete.  Any representation to the contrary is a criminal offense.</P>
<P ALIGN="LEFT"></P>
</B><P ALIGN="CENTER">The date of this prospectus supplement is February 1, 2007.</P>
<P ALIGN="LEFT"></P>
<HR>
<B><I><FONT FACE="Wide Latin" SIZE=4><P ALIGN="CENTER">xxxx&amp; Gas, Inc.</P>
</I></FONT><FONT SIZE=3><P ALIGN="CENTER">REVISED SUBSCRIPTION AGREEMENT (and Substitute IRS Form W-9)</P>
<P ALIGN="CENTER">&nbsp;</P>
</FONT><U><FONT SIZE=1><P ALIGN="JUSTIFY">INVESTOR PROFILE:  (Please completely fill all items below)</P></B></U></FONT>
<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=7 WIDTH=680>
<TR><TD VALIGN="TOP">
<B><FONT SIZE=1><P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">TITLE OF ACCOUNT__________________________________________________________________________________________</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">MAIL ADDRESS (Street, City, State, Zip)__________________________________________________________________________</P>
<P ALIGN="RIGHT">                                                                                                                                                              </P>
<P ALIGN="JUSTIFY">NAME OF BENEFICIAL OWNER/PURCHASER___________________________________________________________________</P>
<P ALIGN="JUSTIFY">                                                                                                                                                                                           How many years at home address?____</P>

<P ALIGN="JUSTIFY">HOME (BENEFICIAL) ADDRESS                                                                                                                              </P>
<P ALIGN="JUSTIFY">(If different from mail address)____________________________________________________________________________________</P>
<P ALIGN="JUSTIFY"></P>
</B><P ALIGN="JUSTIFY">Under Federal Law, we are now required to obtain photo identification of investors.  Please indicate below and attach to this subscription form the identification you are providing (by filling in the ID number).  Your photo information will remain strictly confidential and will not be used for any purpose other than your purchase of Shares.  </P>
<B><P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">PASSPORT #______________ or DRIVER'S LICENSE #_________________ STATE____ or  OTHER:_________#___________</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="LEFT">DATE OF BIRTH ______________ SS# or TAX ID#_______________ MARITAL STATUS________ # OF DEPENDENTS____</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="LEFT">PHONE: (W)__________________________(H) _________________________________ (M) _______________________________   </P>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">EMAIL:______________________________________________________________________________________________________</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="LEFT">EMPLOYER  _____________________________________ BUSINESS________________ POSITION _______________#YRS___</P>
</B><P ALIGN="LEFT"></P>
<B><P ALIGN="LEFT">ANNUAL INCOME ______________ NET WORTH _____________ LIQUID NET WORTH _____________TAX RATE____%</P>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">PRINCIPAL BANK NAME ______________________________________INVESTMENT EXPERIENCE (# OF YEARS) ______</P>
</B><P ALIGN="LEFT">(All the financial information above is required by the Patriot Act and new rules of the National Association of Securities Dealers.)</FONT></TD>
</TR>
</TABLE>

<FONT SIZE=1><P ALIGN="JUSTIFY"></P>
<B><U><P ALIGN="JUSTIFY">JOINT INVESTOR: (Fill out if applicable)</P></B></U></FONT>
<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=7 WIDTH=679>
<TR><TD VALIGN="TOP">
<B><FONT SIZE=1><P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">PASSPORT #______________ or DRIVER'S LICENSE #_________________ STATE____ or  OTHER:_________#__________</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="LEFT">DATE OF BIRTH ______________ SS# or TAX ID#__________________ EMAIL_______________________________________</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="LEFT">EMPLOYER  _____________________________________ BUSINESS________________ POSITION _______________#YRS___</B></FONT></TD>
</TR>
</TABLE>

<B><FONT SIZE=1><P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">INVESTMENT:&#9;&#9;&#9;&#9;&#9;&#9;&#9;WIRE TRANSFER (Instructions on reverse side)</P></B></FONT>
<P ALIGN="CENTER"><CENTER><TABLE BORDER=0 CELLSPACING=1 CELLPADDING=7 WIDTH=675>
<TR><TD WIDTH="54%" VALIGN="TOP">
<FONT SIZE=1><P ALIGN="LEFT"></P>
<P ALIGN="LEFT">Shares Purchased ____________ Dollar Amount $___________</P>
</FONT><FONT FACE="Wingdings 2" SIZE=1><P ALIGN="LEFT"></P>
<P ALIGN="LEFT">5</FONT><FONT SIZE=1> Initial Purchase  </FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> 2nd  </FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> 3rd  </FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> 4th   </FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> 5th  </FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> __th</P>
</FONT><FONT FACE="Wingdings 2" SIZE=1><P ALIGN="LEFT"></P>
<P ALIGN="JUSTIFY">5</FONT><FONT SIZE=1> CHECK ENCLOSED            CHECK NUMBER ________</FONT></TD>
<TD WIDTH="46%" VALIGN="TOP">
<FONT SIZE=1><P ALIGN="LEFT"></P>
<P ALIGN="LEFT">SENDING BANK ___________________________</P>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">City_______________ST___Phone_____________</P>
<P ALIGN="LEFT"></P>
<P ALIGN="JUSTIFY">WIRE #_________________DATE SENT _______</FONT></TD>
</TR>
</TABLE>
</CENTER></P>

<B><FONT SIZE=1><P ALIGN="JUSTIFY"></P>
<U><P ALIGN="JUSTIFY">CERTIFICATE DELIVERY ELECTION </B>(Please choose one of the three following options)<B>:</P>
</B></U></FONT><FONT FACE="Wingdings 2" SIZE=1><P ALIGN="JUSTIFY">5</FONT><B><FONT SIZE=1> PHYSICAL DELIVERY:  </B>Please<B> </B>deliver the physical certificate representing my Shares to the mailing address above.</P>
</FONT><FONT FACE="Wingdings 2" SIZE=1><P ALIGN="JUSTIFY">5</FONT><B><FONT SIZE=1> NETWORK 1 ACCOUNT: </B>Please send me documents to open a Network 1 account and electronically deposit my Shares with the transfer agent so they can be transferred into such an account after being issued. </P>
</FONT><FONT FACE="Wingdings 2" SIZE=1><P ALIGN="JUSTIFY">5</FONT><B><FONT SIZE=1> OTHER BROKER ACCOUNT: </B>Please send my Shares to my brokerage account:</P>
<P ALIGN="JUSTIFY">  </P>
<P ALIGN="JUSTIFY">  FIRM NAME_________________________________Address__________________________City_______________ST____Zip______</P>
<P ALIGN="JUSTIFY">  NAME ON MY ACCOUNT_________________________________________________________ACCT#_____________</P>
<B><U><P ALIGN="LEFT"></P>
<HR>
<P ALIGN="LEFT">xxxxxx OIL &amp; GAS, INC. Subscription Agreement...Page 2</P>
<P ALIGN="JUSTIFY"></P>
<P ALIGN="JUSTIFY">ACCOUNT CLASSIFICATION</U>:  </P>
</B></FONT><FONT FACE="Wingdings 2" SIZE=1><P ALIGN="JUSTIFY">5</FONT><FONT SIZE=1> INDIVIDUAL&#9;</FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> JTWROS &#9;</FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> ESTATE  </FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> IRA/KEOGH&#9;</FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> TEN COM&#9;</FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> CORP (Supply corp resolution)</P>
</FONT><FONT FACE="Wingdings 2" SIZE=1><P ALIGN="JUSTIFY">5</FONT><FONT SIZE=1> CUST/UGMA (STATE:_______)   </FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> TRUST (Supply trust agreement)&#9;</FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> PARTNERSHIP (Supply partnership agreement)</P>
</FONT><FONT FACE="Wingdings 2" SIZE=1><P ALIGN="JUSTIFY">5</FONT><FONT SIZE=1> OTHER:______________________________ (e.g. Investment Club, Sole Proprietor, Non-profit, Pension Plan, Profit Sharing Plan)</P>
</FONT><FONT FACE="Wingdings 2" SIZE=1><P ALIGN="JUSTIFY">5</FONT><FONT SIZE=1> IF FIDUCIARY, STATE NAMES OF PRINCIPAL OFFICERS:_______________________________________________________</P>
<B><U><P ALIGN="LEFT">&nbsp;</P>
<P ALIGN="JUSTIFY">ARE YOU A U.S. CITIZEN?  </B></U></FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1>YES     </FONT><FONT FACE="Wingdings 2" SIZE=1>5</FONT><FONT SIZE=1> NO                IF NO, PLEASE INDICATE COUNTRY:<B><U> </B></U>___________________________</P>
<P ALIGN="JUSTIFY"></P>
<B><P ALIGN="JUSTIFY">BROKER-DEALER/REGISTERED REPRESENTATIVE DATA </B>(broker-dealer use only)<B>: </P></B></FONT>
<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=7 WIDTH=696>
<TR><TD VALIGN="TOP">
<FONT SIZE=1><P ALIGN="LEFT"></P>
<P ALIGN="LEFT">Broker-Dealer NASD Firm Name: ________________________ Registered  Representative:_____________________________________</P>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">Address: _______________________________________ Phone:______________Email:________________________________________</FONT></TD>
</TR>
</TABLE>

<B><FONT SIZE=1><P ALIGN="LEFT"></P>
</FONT><FONT FACE="Times" SIZE=1><P ALIGN="LEFT">IRS FORM W-9 CERTIFICATION: &#9;&#9;&#9;</P></B></FONT>
<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=7 WIDTH=696>
<TR><TD VALIGN="TOP">
<FONT SIZE=1><P ALIGN="LEFT">Under penalties of perjury, I certify that:</P>
<OL>

<P ALIGN="LEFT"><LI>The Internal Revenue Service does not require your consent to any provision of this document other than the certifications required to avoid backup withholding;</LI></P>
<P ALIGN="LEFT"><LI>The number shown on this form is my correct taxpayer identification number, and I am not subject to backup withholding because: (a) I am exempt from backup withholding; (b) I have not been notified by the Internal Revenue Service (<B>IRS</B>) that I am subject to backup withholding as a result of a failure to report; or (c) the (<B>IRS</B>) has notified me that I am no longer subject to backup withholding; and</LI></P>
<P ALIGN="LEFT"><LI>I am a U.S. person (including a U.S. resident alien).</LI></P></OL>

<B><P ALIGN="LEFT">The Internal Revenue Service does not require your consent to any provision of this document other than the certifications required to avoid backup withholding</B>.  If exempt, indicate type of entity:______________</FONT></TD>
</TR>
</TABLE>

<B><FONT SIZE=1><P ALIGN="JUSTIFY"></P>
<U><P ALIGN="LEFT">PURCHASE AGREEMENT:</P>
</B></U><P ALIGN="JUSTIFY">The Investor named above, by payment of <U>a wire transfer or check payable to</U> <B>xxxxxx &amp; GAS ESCROW ACCOUNT</B>, hereby subscribes for shares of common stock, $.01 par value ("the Shares") indicated above (minimum purchase of 100 shares at a purchase price of $7.00 per Share) of xxxxxxx &amp; Gas, Inc. If the dollar amount and number of Shares do not match, the dollar amount shall govern.  No fractional Shares shall be purchased and any excess funds representing fractional Shares shall be returned to the Investor. By such payment, the named Investor acknowledges receipt of the Prospectus and any supplements, the terms of which govern the investment in the Shares.   <B>The date of this agreement is:</B> ______________.</P>
<P ALIGN="JUSTIFY"></P>
<B><U><P ALIGN="JUSTIFY">SIGNATURES</B>:</U> By signing below, I/we represent that I/we have relied on the information set forth in the Prospectus, as and if amended or supplemented and free writing prospectuses on file with the Securities and Exchange Commission, and on no other statement whatever, whether written or oral.   The information set forth above (including the IRS Form W-9 Certification and SS# or Tax ID#) is true and correct.</P>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">Signatures - Registered Owner: ________________-____________&#9;Co-Owner: _________________________________</P>
<P ALIGN="LEFT">&nbsp;</P>
<P ALIGN="LEFT">PRINTED NAME(S):____________________________________&#9;&#9;    __________________________________</P>
<B><U><P ALIGN="LEFT"></P>
<P ALIGN="LEFT">ACCEPTANCE--xxxxxxx &amp; GAS, INC. </U>  &#9;</B>Signature:_________________________________________________ </P>
<P ALIGN="LEFT"></P>
<P ALIGN="LEFT">&#9;&#9;&#9;&#9;&#9;&#9;&#9; Name:________________________Title_____________Date_______</P>
<B><U><P ALIGN="LEFT"></P>
<P ALIGN="LEFT">SUBMITTAL INSTRUCTIONS:</P></B></U></FONT>
<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=7 WIDTH=686>
<TR><TD WIDTH="48%" VALIGN="TOP">
<B><FONT SIZE=1><P ALIGN="LEFT">Subscription Agreements and Checks (payable to xxxxxxx &amp; Gas Escrow Account).....Send to:</P>
</B><P ALIGN="LEFT">     xxxxxxxxxxxxx, Inc.,  </P>
<P ALIGN="LEFT">     Corporate Securities Department</P>
<P ALIGN="LEFT">     xxxxxxxxxxxxxxx, </P>
<P ALIGN="LEFT">     xxxxxxxxxxxxxxx</P>
<P ALIGN="LEFT">     Phone xxxxxxxxxxxx  Fax xxxxxxxxxxxxx  </FONT></TD>
<TD WIDTH="52%" VALIGN="TOP">
<B><FONT SIZE=1><P ALIGN="LEFT">Wire Transfers:</P>
<P ALIGN="LEFT"></P>
</B><P ALIGN="LEFT">     xxxxxxxx, xxxxxx, xx</P>
<P ALIGN="LEFT">     ABA Routing No. xxxxxxxxxx</P>
<P ALIGN="LEFT">     Account No. xxxxxxxxx </P>
<P ALIGN="LEFT">     Acct: xxxxxxxxxxx. </P>
<P ALIGN="LEFT">               FBO: xxxxxxxxxxxx Escrow Acct</FONT></TD>
</TR>
</TABLE>

<P ALIGN="LEFT"></P>
<P ALIGN="LEFT"></P></BODY>
</HTML>
</TEXT>
</DOCUMENT>
<DOCUMENT>
<TYPE>GRAPHIC
<SEQUENCE>2
<FILENAME>image26.jpg
<DESCRIPTION>GRAPHIC FOR SUPPLEMENT # 4
</DOCUMENT>
</SEC-DOCUMENT>
-----END PRIVACY-ENHANCED MESSAGE-----