@Gargron checked multiple users that exclusively post from the "Mastodon Twitter Crossposter" client and found the IPs were the same, then checked curl and nslookup to verify the IP matched the domain of the crossposting site to be 100% sure
the actual issue is docker doesn't give a fuck about ufw rules so i gotta raw iptables this one