[Wildgoose]

Here's something nasty. The firewall where I am working (provided by Palo Alto Networks) can decrypt https and other "secure" traffic passing through it. I believe it auto-negotiates down to TLS 1.1 at which point it can decrypt everything to plain-text and can examine it to its hearts content.

They are supposed to whitelist financial addresses (such as banking details) but would you trust that to be happening?

[black-tea]

That's sadly quite normal in corporate networks. It only works because on your computer you have the firewall installed a root CA, though. If you didn't you would immediately be alerted of the man-in-the-middle attack the firewall is doing.