I was already thinking that there probably was something off about the code used for generation. I still find it quite weird that they're invalid and valid at the same time though.

How exactly does KwFAa6AumokBD2dVqQLPou42jHiVsvThY1n25HJ8Ji8REf1wxAQb == KwFAa6AumokBD2dVqQLPou42jHiVsvThY1n25HJ8Ji8REGDgzcJ1 ? Does the checksum not matter with WIF keys?
Or I guess they share the same private key, from which the address is derived, and this WIF encoded from again, correct?
No, they're effectively different private keys... it is just the way the individual sites are coded to do their conversions.
It would appear that some of the sites (i.e. bitaddress.org and bitcoinpaperwallet.com) are simply truncating the generated HEX when converting from WIF to HEX. So they're effectively ignoring the last couple of digits... and keeping the "bad" leading 00's... which gives the impression that the "...wxAQb" WIF key == "...DgzcJ1" WIF key... which is obviously NOT true!


Whereas, the gobittest.appspot.com script... keeps the WHOLE hex and doesn't discard anything:

So, if we manually discard the leading 00's and keep the last 64 characters (32 bytes)... we get the "correct" hex key of: BF9C46A7C40AAF96ED20CFC0AB0F929D9BE1748AF89B37E9EFB4CDB98DA6B0CB
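The truncation effect described in the reply above, as an added example that is not part of the original thread and is not the code of any site named in it: a decoder that slices 32 bytes after the version byte makes two different WIF strings look identical, while a decoder that checks the checksum and the key length rejects the overlong one. All function names are hypothetical and the key bytes are constructed sample data, not the keys from this thread.

```python
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58encode(raw: bytes) -> str:
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = ALPHABET[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + ALPHABET.index(ch)
    zeros = len(text) - len(text.lstrip("1"))
    return b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")

def checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def to_wif(body: bytes) -> str:
    payload = b"\x80" + body          # 0x80 = mainnet private key version
    return b58encode(payload + checksum(payload))

def strict_decode(wif: str) -> str:
    raw = b58decode(wif)
    payload, check = raw[:-4], raw[-4:]
    if len(raw) < 5 or payload[0] != 0x80 or checksum(payload) != check:
        raise ValueError("bad version byte or checksum")
    body = payload[1:]
    if len(body) == 33 and body[-1] == 0x01:   # compressed-pubkey flag
        body = body[:-1]
    if len(body) != 32:
        raise ValueError(f"key is {len(body)} bytes, expected 32")
    return body.hex().upper()

def truncating_decode(wif: str) -> str:
    # Lenient behaviour: take 32 bytes after the version byte, check nothing.
    return b58decode(wif)[1:33].hex().upper()

# Constructed sample data: a 32-byte key encoded with one extra leading 00.
KEY = bytes(range(1, 33))
MALFORMED_WIF = to_wif(b"\x00" + KEY + b"\x01")     # 34-byte body
OTHER_WIF = to_wif(b"\x00" + KEY[:31] + b"\x01")    # well-formed, different key

if __name__ == "__main__":
    print(truncating_decode(MALFORMED_WIF) == truncating_decode(OTHER_WIF))
    print(strict_decode(OTHER_WIF))
```
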