edit: the login under the ip address posted by /u/cipherme apparently only works for older accounts but it also only works if the password for the account is correct. so the clearnet server seems to have at least a slightly older copy of the data of actual dhl user table.
At the time of writing the claims that tomcheck made are still not proven. He claimed that the two server are the same. While the some of the header fields in the response header from both servers are the same, they are easily fake-able.
The only thing that would be very hard to fake is the exact date of the server down to the millisecond-range. However both servers just use the same timezone (GMT) and this is just one line in a config file to change that. And tomcheck will never be able to prove that the time that both servers use is the same down to the millisecond as explained here.
edit 3: the ip leak of a test server has been admitted by dhl, more information here https://www.reddit.com/r/DarkNetMarkets/comments/6r5o1s/dhl_market_current_problems_consider_avoiding/
Till tomcheck proves that the servers are using the exact same clock, not just the same timezone, his claim is not true.
I am now also in contact with cipherme so he can prove that he is the real cipher0007.
here the mod mail screen shots:
to show how tomcheck is not seeing it as necessary to prove his claims, resorts to insults and is in the 'infosec business' despite not knowing that ubuntu full disk encryption covers more than just the home directory:
very first thread: https://anonimage.net/gallery/oa6K3Ko4yW
first thread: https://anonimage.net/gallery/TwHQj5VJ9B
second thread: https://anonimage.net/gallery/2QY1l6o83G
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
The alleged IP address leaks that /u/CipherMe claimed to
have found are fake.
First, a big thanks to /u/DooshNozzzle who quickly provided
me with some invites to verify the claims that cipherme made.
Second, I created an account on the DHL hidden service, enabled
2FA with PGP and then made sure it was all set up correctly and
working on the hidden service. After that I tried logging in on
one of the IP addresses he posted but only got the 'invalid
username / password' error.
The posts of /u/CipherMe have been removed and he has been banned.
He can contact us mods in the mod mail if he wants to add something.
Discussion and consequences about the other issues also with
other markets will happen soon. This is just to clear up some F.U.D.
-----BEGIN PGP SIGNATURE-----
iQJ8BAEBCgBmBQJZgYZMXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQyRThEREY2QTcwQjBEM0JFQzVDNUJCMzRG
OUZGQTk4N0M4RDc2OEQ3AAoJEPn/qYfI12jXSTYP/165VlBet9CHAA2a3CSpesjH
pAZaONBCiZGasnVQGdbR6FrYkBjYtEcSsckjEF0DqKWyrTSvEx/cu4bFYiuhnSfA
mFTq5XneiGD3T2O3N5BZx2bI/S8hlOt8GFvSOUtNfyMTzWriTXJpKQpF55W+D+R6
MyCXZP0tXrZ59s4WQZmmHTclDVlaObh6jobAYoaUwrLGlpDczQxVCxhKv8HTZ948
16eF/8ZtzrL+FkexhgLzCwdeYj1bzSIaHWY+R2Lj0PPiYZXZI3ZdGgAUv4h3JVVh
/gpY0iHGZKn9ZdX4odlohFyT83rDv+31hg3hZVsbraWwBzDlf7M+yCfIpxUY7LLV
rvkBtxqAwMRKvs9D5pmAFQVlUCJuSoolZSQ7oDnxc+jSfUypCpwcSdP6fcQCzqDi
NNEGhJJneeX78WHmhID6Luq/JoUwfMfNMo/XrmWEjlmXWNXMYZzmqnsdtsJJGGxn
SITVwoDhejFCNRsFbyrVdZDSiJtLa5ey1tqjvmlSWWA+X0nZXA2oAp6DI+jn6BPY
jIGRLq2GxOW7G9FhQ5DuXqvkiiVnfgIk31XZqh90xV53qvMm7nFsGUbof2mNDRNH
qx3whQM92d6e1mHEBakxuui841DhNSL0EgQ3LXF8TN/CO7xlvm78d9UF30iv9NQg
r0MBON2D8Y38j2oBYGOs
=d+hE
-----END PGP SIGNATURE-----
nice job. thanks for getting to the bottom of this.
don't y'all be asking me for invites now. This was for a good cause.