As nuclearcat said, if it's over https and you never added an untrusted certificate to your browser, then you're safe.
Just make sure you never submit any form or any payment if the site is http. And sometimes even if the page is http and the forms are being submitted to an https url, your info can still be hijacked
Your ISP can't figure out what you're doing if the site is over https, they can only know the IP you're visiting and easily figure out the website(s) associated with it, and they can always save the encrypted data, but they can't read it as plain text.
anayman_k7 wroteAlfa/IDM (Areeba), Amazon, Google Merchant, AliExpress, Banggood and recently I bought from Virgin MegaStore, HiCart and LaptopKeys
HiCart uses Magento platform which by default stores the credit card as plain text in the database, I have no idea what payment gateways they use but it's the only thing that sounds suspicious in your list.