Internet-Security.com TCP port 443 details

TCP port 443 is the default for HTTPS (HTTP over TLS) used by web servers like Apache HTTP Server, Nginx, and Microsoft IIS.
Web browsers (Chrome, Firefox, Edge, Safari) connect to sites and APIs over 443.
Modern protocols over 443 include HTTP/2 and WebSocket Secure (wss), used by services like GitHub, Slack, and Zoom’s web endpoints.
Cloud APIs and storage use 443, including AWS S3, Google Cloud Storage, Azure Blob Storage, Stripe, and PayPal.
Reverse proxies/CDNs/load balancers terminate TLS on 443, e.g., HAProxy, Envoy, F5 BIG‑IP, AWS Application Load Balancer, Cloudflare, and Akamai.
Development and package tooling uses 443: Git over HTTPS (GitHub, GitLab, Bitbucket), pip to PyPI, npm to registry.npmjs.org, apt over HTTPS, and Docker image pulls from registries.
Enterprise apps use 443 for secure access, including Microsoft Exchange/Outlook on the web, SharePoint Online, Microsoft 365, and RDP via RD Gateway.
VPN products often run on 443/TCP, such as OpenVPN, Cisco AnyConnect (ASA/FTD), and Palo Alto GlobalProtect portals/gateways.
Port 443 is commonly abused for hacking, including HTTPS-based malware C2 traffic and exploits targeting SSL VPN/web gateways (e.g., Pulse Secure, Fortinet FortiGate, and Citrix ADC vulnerabilities).

TCP 443