Find the domain via certificate transparency logs like https:crt.sh, decode the hex-encoded label to reveal the flag.

Original writeup (https://www.nevi.dev/2021/01/31/writeup-justctf-2020/#forgotten-name-misc-web).