Thanks to you all, I learned something new about nmap, the bit about official allocation
of ports, and to use only netstat to see which port is actually used and by which service.
A let us say feature of tvheadend is the explicit need to set an administrative account
with install ( they call it the superuser or backdoor user ), use this account to
login and first use of the web interface, and there to do it yet again as to register
a regular admin user. Both are mandatory and according to documentation must not be the same.
At the end of this process the file that contains the superuser name and password in plain text
should get purged.
But, while mandatory, it's possible to not setup a regular admin user within de web interface
and continue. As long as you don't reboot this will work, but if you restart your server it breaks
the access control. I suspect this is what happened to you, but easily resolved by setting up
the admin user after fore mentioned tvheadend restart with extra --noacl and -C options.
BTW, I'm not an expert on tvheadend just made every conceivable mistake with it and refused to quit.