by mvkg 825 days ago
As of TLS 1.3, the ClientHello (which includes the Server Name Identification (SNI) extension) is still sent in plaintext. There is a current draft for encrypted client hellos[0], but I don't think its adoption is widespread. QUIC appears to encrypt the ClientHello; however, it does not protect from an attacker who can observe the initial connection packets[1].

[0]: https://datatracker.ietf.org/doc/draft-ietf-tls-esni/

[1]: https://www.rfc-editor.org/rfc/rfc9001.html#name-security-of...
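As an added illustration (not part of the thread and not code posted by either commenter), the script below builds a TLS ClientHello record carrying an SNI extension for a constructed hostname, then recovers that hostname from the raw record bytes the way a passive observer on the path would. The hostname, the random bytes and the cipher-suite list are assumptions chosen for the example; the record layout follows the TLS 1.2/1.3 wire format, which is why the name is visible without any keys.

```python
import struct
from typing import List

SNI_EXT = 0x0000          # extension type server_name (RFC 6066)
SUPPORTED_VERSIONS = 0x002B
HOST_NAME = 0             # NameType host_name


def build_client_hello(hostname: str, random_bytes: bytes = b"\x11" * 32) -> bytes:
    """Build a minimal TLS 1.3-style ClientHello record with an SNI extension.

    Constructed sample input for extract_sni(); it is not a real capture.
    """
    name = hostname.encode("ascii")
    sni_entry = struct.pack("!BH", HOST_NAME, len(name)) + name          # ServerName
    sni_list = struct.pack("!H", len(sni_entry)) + sni_entry              # ServerNameList
    sni_ext = struct.pack("!HH", SNI_EXT, len(sni_list)) + sni_list       # Extension
    sv_body = b"\x02\x03\x04"                                             # advertise TLS 1.3
    sv_ext = struct.pack("!HH", SUPPORTED_VERSIONS, len(sv_body)) + sv_body
    extensions = sni_ext + sv_ext
    cipher_suites = b"\x13\x01\x13\x02"   # TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384
    body = (
        b"\x03\x03"                                        # legacy_version = TLS 1.2
        + random_bytes                                     # 32-byte random
        + b"\x00"                                          # legacy_session_id: empty
        + struct.pack("!H", len(cipher_suites)) + cipher_suites
        + b"\x01\x00"                                      # compression_methods: null only
        + struct.pack("!H", len(extensions)) + extensions
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body             # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # ContentType handshake


def extract_sni(data: bytes) -> List[str]:
    """Return the host names in the SNI extension of a plaintext ClientHello record.

    Returns [] for anything that is not a well-formed ClientHello (truncated input,
    application-data records, handshakes without SNI), which is what an on-path
    observer has to cope with when sniffing arbitrary TCP payloads.
    """
    try:
        if len(data) < 5 or data[0] != 0x16:
            return []
        rec_len = struct.unpack_from("!H", data, 3)[0]
        hs = data[5:5 + rec_len]
        if len(hs) < 4 or hs[0] != 0x01:
            return []
        hs_len = int.from_bytes(hs[1:4], "big")
        body = hs[4:4 + hs_len]
        pos = 2 + 32                                   # skip legacy_version + random
        pos += 1 + body[pos]                           # legacy_session_id
        pos += 2 + struct.unpack_from("!H", body, pos)[0]   # cipher_suites
        pos += 1 + body[pos]                           # compression_methods
        if pos + 2 > len(body):
            return []                                  # no extensions block at all
        ext_len = struct.unpack_from("!H", body, pos)[0]
        pos += 2
        end = pos + ext_len
        names: List[str] = []
        while pos + 4 <= end:
            ext_type, elen = struct.unpack_from("!HH", body, pos)
            pos += 4
            ext = body[pos:pos + elen]
            pos += elen
            if ext_type != SNI_EXT or len(ext) < 2:
                continue
            list_len = struct.unpack_from("!H", ext, 0)[0]
            p = 2
            while p + 3 <= 2 + list_len:
                ntype, nlen = struct.unpack_from("!BH", ext, p)
                p += 3
                name = ext[p:p + nlen]
                p += nlen
                if ntype == HOST_NAME:
                    names.append(name.decode("ascii", errors="replace"))
        return names
    except (IndexError, struct.error):
        return []


if __name__ == "__main__":
    record = build_client_hello("example.com")        # assumed hostname for the demo
    print("SNI:", extract_sni(record))
    print("hostname literally present in bytes:", b"example.com" in record)
```

The second print is the whole point of the thread: no parsing is even strictly necessary to notice the name, since it sits verbatim in the first packet of the connection.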


Yep! The WG last call is happening now.

Even so, I don't think many ISPs have the capability to do the DPI for observing SNI at a moment's notice.