Later on, when CloudFlare receives the request, it checks for the Host header to redirect the traffic to the Popcorn Time API server. If an ISP wanted to ban that API, it would require Deep Packet Inspection to check in the HTTP Protocol Level every host. This is far more expensive than DNS blocking.