Create 2 address Pools for each private IP and assosiated port
set security nat destination pool Address-1 address 192.168.1.1/32
set security nat destination pool Address-1 address port 80
set security nat destination pool Address-2 address 172.16.1.1/32
set security nat destination pool Address-2 address port 443
Destination NAT rule
set security nat destination rule-set Rule-set-1 from routing-instance default --> This can be zone or interface on whihc actual traffuc reach SRX
set security nat destination rule-set Rule-set-1 rule 1 match destination-address 4.4.4.4/32
set security nat destination rule-set Rule-set-1 rule 1 match destination-port 80
set security nat destination rule-set Rule-set-1 rule 1 then destination-nat pool Address-1
set security nat destination rule-set Rule-set-1 rule 2 match destination-address 4.4.4.4/32
set security nat destination rule-set Rule-set-1 rule 2 match destination-port 443
set security nat destination rule-set Rule-set-1 rule 2 then destination-nat pool Address-2
make sure you have security policies for each private IP zones, we dont have to specify them on NAT rule.