Your ISP can possibly see that you made a request to Cloudflare, but they won't know what's in the request. For any traffic that is not routed through the Distributed Privacy Mesh Network (IE not cloaked with IP scrambling), your ISP can see your destination IP address from your TLS ClientHello. This will include:
- large downloads and streaming (because Winston doesn't route them)
- anything using the Tor protocol
- anything that is whitelisted,
- HTTP traffic, if you select the option to not route it
- Potentially all your traffic if you select the option to not use the mesh network at all.