Probably not. It’s most likely automated scanning and the subdomains seem common enough to be included in wordlists. Another possibility is that the subdomains have leaked somehow, do you use LetsEncrypt? If so, the existence of your subdomains is public knowledge and can easily be picked up by bots.
I would be hesitant to put a squid proxy directly on the Internet as there is a history of vulnerabilities in that software and afaik a bunch of them are yet to be fixed.
First of all I would advise against trying to bypass the security controls your school implemented, but if I hypothetically would attempt to do what you’re trying I would probably set up a haproxy on a dedicated piece of hardware, such as a raspberry pi, and expose 443 to the Internet. I would configure a simple static website to serve as default, and add a ssh backend like in this guide: https://www.haproxy.com/blog/route-ssh-connections-with-haproxy
Now you can SSH to your backend by wrapping the connection with openssl s_client. From here you can do a dynamic port forwarding, which essentially acts as a socks proxy and finally connect to that with firefox
edit: slap a tls cert on that too for good measure. Helps with hiding the ssh traffic