[Another package has been delivered!]

1 minute ago, EvGym said:

https://www.online-toolz.com/tools/text-encryption-decryption.php
Make sure you scroll down to the decode section. Made that mistake the first time I opened this page.

 

Good catch, probably charset difference.

[Another package has been delivered!]

13 minutes ago, EvGym said:

you fell into the same trap I fell into. You are using the wrong online decrypter. It decrypts to:
"Trying to find clues again, are we? Truly, you are a curious one. Unfortunately for you, this too isn't the last time we will be seeing each other. But perhaps next time we meet... I will give you your final clue to finding the answer to all of this."

 

I don't know why it fails on most sites, but it does. online-toolz did it for me.

== are essentially null characters in base 64. Base64 encoded strings use A-Za-z0-9+/ with 1 or more = at the end. There is no doubt this is a base64 encoded string.

 

Mind linking the decoder you used then?

[Another package has been delivered!]

Alright, this one was a bit faster since the, y'know

Spoiler

obvious correlation 

 

Some spoilers for those who want to enjoy the puzzle and look for hidden stuff theirselves like the last time, you've been warned, here's what I thought from a quick 5 minute scan:

 

Spoiler

The URL this time is caesar cipher! the key is 3 and it translates to another-gift.

 

When going through the source code:

* Opening up a specific div shows the message: "Never miss a spot!"

 

* Besides the black on black- "In the end, her destiny is something she cannot run from. And I think the same is true... for me." There's also another comment in the same div:

Commented element: <!-- heehEEEHEEE HEEE HEHEEEHeheeEEEeeeheeheheheeeheHEHEHeheHEHe

NBoam0T0ifbxquoTB+rBbOn3cCZq62CFw3BL002PybK2+ngM7UeOKqhvV9Afa47xHj86lIbm6/W5Zr6mV9csF2XVgdExZiSy3znjlhfRMzztpjWSKRzOMEDxiv9mv9rCFp79JiKvsf61xx+AQ9RSm9Bdck+dzomiShN9wZJPCzhYhvCCfFYeMSxyPlZV3alPPBpZF1KsuzHI7mMesVdHm+ybUcgM8KK47Sl4JmEJnEi3iqBBwt0ut1EXDeNQcGMJB7ljOmIZK8slnONbNrov9lJ5FZ5E+qsjITFBr1khiyAupTO25MyKToxVIkvSet1VmpmpEhSbS9+fuNEP/AOT8w== --> The string doesn't appear to be a hash of any form nor is it a base64 string so, might spend some more time on it, maybe not, we'll see.

 

* Lighting up the gif doesn't give much, I downloaded it and tried messing around with it but yeah, seems like it's nothing, I'm running exif on it right now but I'm very doubtful it links to anything.

 

 

Well that's it, thanks for the present @SPU Delivery Guy

[A package has arrived!]

  

2 minutes ago, \/agrant said:

it's a mirror cipher

 

The blog is a mirror cipher, not the URL of the second part.

 

Anyhow, I ran exif and binwalk on the gif, ran the URL through pretty much every cipher I could think of, ran ScreamingFrog on the blog itself, can't find anything else. Looked around the html page itself for any other sneaky messages but nada.

Dumbed it down a bit and went through the individual frames of the gif...Nope. If anyone else has anything or is already in the third stage, lmk.