how full URLs are exposed when they are encrypted by HTTPS

As far as I know HTTPS URLs are encrypted (correct me if I’m wrong). There was a data leak recently and in one article about the leak I saw this picture: enter image description here

If HTTPS URLs are encrypted then how did ISP log full URL (notice fw-url)?