Internet-Security.com TCP port 4443 details

Harbor’s Notary service (Docker Content Trust) listens on TCP 4443 by default; Harbor distributions (including those embedded with VMware’s vSphere Integrated Containers) expose Notary on 4443.
Shibboleth Identity Provider deployments commonly place the back-channel SOAP endpoint on HTTPS TCP 4443 in academic SAML federations.
Fortinet FortiGate SSL VPN portals are frequently run on TCP 4443 when 443 is reserved for other services, as shown in Fortinet deployment guides and customer deployments.
OpenVPN servers are often configured to listen on TCP 4443 to traverse restrictive firewalls by mimicking alternate HTTPS.
pfSense installations often front-end services (e.g., HAProxy/NGINX reverse proxies) on TCP 4443 as an alternate HTTPS listener in real deployments.
Adversary command-and-control frameworks (e.g., Cobalt Strike and Metasploit) frequently use TCP 4443 as an HTTPS beacon/listener port to evade simple port-based filtering.

TCP 4443