Another misconception, is that https will hide the web sites URL your visiting. This is not the fact.
Let's say I goto https://duckduckgo.com/ and I want to search for "best porn sites" on the net.
The result is, https://duckduckgo.com/?q=best+porn+sites&t=hx&ia=web
While the data transferred between duckduckgo server is encrypted through SSL/TLS, the URL is visible to your ISP, and all routers through the Trace Router circuit to duckduckgo.
This statement is not entirely accurate.... The ISP will be able to see the IP address of the server that you are contacting, but not the actual URL.
the "/q=best+porn+sites&t=hx&ia=web" but would not be visible to the ISP
They would be able to see the server name (duckduckgo.com) through the DNS queries that your PC made before starting to actually contact the remote web server, but not through the transaction directly with the remote web server. In that transaction, the server name in encoded within the request header as is the part of the URL after the first "/". They are encrypted by TLS and sent to the IP address of the remote web server.
If that remote web server is a shared web server, your ISP would have no idea which site on that server you were accessing except ny tying up the preceding DNS query with the actual webpage retrieval.
As for trust... As has been said above, the green "Extended validation" certificate notification says that the issuer has verified that the person requesting the certificate has authority to represent the organisation named on the certificate. They do not normally examine their trustworthyness. without the green certificate notification, the requetor may only need to prove ownership of the Internet domain.
for example if I registered he domain x64sbank.com I could set up a website and buy a certificate just beacuse I had the domain. However the padlock woould not be green, and the certificate details would probably say 'domain validated' or something similar insetead of an organisation name. If I wanted the green padlock, I'd need to prove ownershiop of a company - say GeeksBank ltd. - I could send in the company reg documentaion paperwork for "GeeksBank ltd" which owned x64sbank.com and get a certificate to prove exactly that.
So Green Padlock - you know WHO you're talking to. normal padlock - you are talking to the Server name that you intended to (nobody has intercepted the traffic and substituted a false reply), but you have no idea who runs that server.