Delete obsolete PassThePopcorn rule

[half-duplex]

All subdomains now redirect to https with long-duration HSTS

[Hainish]

This domain is likely to be removed from the HSTS preload list, since it lacks the preload directive in the header:

user@https-everywhere ~/workspace/https-everywhere (hsts-removal) $ curl -I https://passthepopcorn.me
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2017 00:53:08 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: __cfduid=df0b24518440bd8e67b12f19f9cacfcfb1484268787; expires=Sat, 13-Jan-18 00:53:07 GMT; path=/; domain=.passthepopcorn.me; HttpOnly
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=nk4qulq9dtabcguam7bla5e7l5; path=/; secure; HttpOnly
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Fri, 13 Jan 2017 02:53:08 GMT
Last-Modified: Fri, 13 Jan 2017 00:53:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1;mode=block
Server: cloudflare-nginx
CF-RAY: 3204de935e0611d1-SJC

See #7126 (comment) for additional context

[half-duplex]

It may be good to clarify removal criteria.
Either way, appears fixed:
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload