You will have to sniff traffic from the very beginning of the TCP session in order to watch the SSL greeting back and forth. Once the encrypted session is configured, any single packet will be indistinguishable from random noise.
Otherwise, find a big flaw in the symmetric cipher. (Yes, encryption is really that good.)
Of course, assigning an address 443 is a hint that you are looking at an https connection ... But this is just an agreement.