Services running on well-known ports such as port 25 and port 80 can be identified easily, as they are used by widely known applications such as the mail server and the web server. The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers, and the mapping can be identified from the port mapping file in every operating system. However, many organizations run applications on ports that are more suitable to their infrastructure. You will often see an intranet website running on port 8080 instead of port 80, or port 8443 instead of port 443.

The port mapping file is only a placeholder, and applications can run on any open port, as designed by the developer, defying the mapping set by IANA. This is exactly why you need to do a version scan to determine whether the web server is indeed running on port 80 and further analyze the version of that service.