Internet-Security.com TCP port 2375 details

TCP port 2375 is the default unsecured (HTTP) endpoint for the Docker Engine Remote API.
Docker Desktop and legacy Docker for Windows can expose the daemon on tcp://localhost:2375 to let the Docker CLI and other clients communicate with it.
Portainer connects to remote Docker hosts via tcp://host:2375 to manage containers, images, and networks.
Jenkins (via the Docker plugin) often targets DOCKER_HOST=tcp://host:2375 to build images and run containers on a remote Docker daemon.
GitLab CI’s docker:dind service and GitLab Runner commonly use the Docker API on 2375 in examples and setups when TLS is not enabled.
HashiCorp Nomad’s Docker driver can use DOCKER_HOST=tcp://host:2375 to control containers on a remote host.
Security: Attackers routinely scan for exposed 2375 and abuse it to deploy malicious containers or cryptominers (e.g., TeamTNT, Kinsing, Doki campaigns).
The TLS-protected alternative port for the Docker API is 2376.

TCP 2375