Every time someone tries to reach your website over HTTP, they will be redirected to HTTPS. This is done by sending the visitor a small file containing the new HTTPS address for the requested URL. But that does generate a hit on the edge (Cloudflare server) for the HTTP connection. That’s what this stat is showing.
Websites normally get HTTP requests from bots (which may or not follow up the redirection directive) and by the few users who type in your URL in the address bar. Despite the current ubiquity of HTTPS, some browsers still have as default scheme HTTP, so if you only type
example.com without any scheme, the browser will first request HTTP, then, if redirected, request the HTTPS version of that URL.