Internet-Security.com TCP port 2376 details

TCP 2376 is the default TLS-secured port for the Docker Engine Remote API (Moby/Docker) over HTTPS.
Docker Machine and the legacy Docker Toolbox/Boot2Docker VMs expose the Docker daemon on 2376 with client-certificate auth.
Docker Desktop’s older VM-based setups and Kitematic used 2376 to talk to the Linux Docker VM via TLS.
Portainer connects to remote Docker endpoints over TLS on 2376 for engine management.
VMware vSphere Integrated Containers (VCH) provides a Docker API–compatible endpoint on 2376 by default.
Some OS/appliance images with Docker (e.g., RancherOS when configured for remote access) listen on 2376 with TLS enabled.
CI/CD tools like GitLab Runner and Jenkins’ Docker plugins commonly use 2376 to reach a remote Docker daemon via TLS.
Security: attackers scan for exposed Docker APIs on 2375/2376; misconfigured or leaked TLS certs on 2376 have been used to run malicious containers and deploy cryptominers (e.g., TeamTNT).

TCP 2376