Originally Posted by
AnalogMan
Normal traffic routes all over the internet, there is no guarantee someone can get all of the packets and reassemble it into a coherent piece. The only exceptions are the intermediary who is carrying the traffic, i.e. your ISP, and see (and potentially logs/stores) all packets, and if you use a VPN - the VPN provider.
99.9x% of the time within large time windows of operation, your traffic to a given server will route through the same intermediaries.
Regarding paranoia about the insecurity of https, as long as your browser and website are using TLS 1.2 with a good cipher and block mode, no need to worry too much. Do remember to change your passwords periodically if you're super-paranoid in case someone decides to decrypt your passwords transmitted via today's secure ciphers years from now when today's ciphers are compromised.