¡Ya disponible! Investigación de Telegram 2025 — los principales insights del año 
Void Verge
Ir al canal en Telegram
We study, test, and innovate against censorship barriers — building tools, strategies, and communities that keep the open internet alive.
Mostrar más📈 Análisis del canal de Telegram Void Verge
El canal Void Verge (@voidverge) es un actor destacado. Actualmente la comunidad reúne a 15 761 suscriptores, ocupando la posición 8 314 en la categoría Tecnologías y Aplicaciones y el puesto 20 821 en la región Irán.
📊 Métricas de audiencia y dinámica
Desde su creación el невідомо, el proyecto ha mostrado un crecimiento acelerado, reuniendo a 15 761 suscriptores.
Según los últimos datos del 16 junio, 2026, el canal mantiene una actividad estable. En los últimos 30 días la variación de miembros fue de -641, y en las últimas 24 horas de -35, conservando un alto alcance.
- Estado de verificación: No verificado
- Tasa de interacción (ER): El promedio de interacción de la audiencia es 138.98%. Durante las primeras 24 horas tras publicar, el contenido suele obtener N/A% de reacciones respecto al total de suscriptores.
- Alcance de las publicaciones: Cada publicación recibe en promedio 21 925 visualizaciones. En el primer día suele acumular 0 visualizaciones.
- Reacciones e interacción: La audiencia responde de forma activa: el promedio de reacciones por publicación es 579.
- Intereses temáticos: El contenido se centra en temas clave como iran, این, cloudflare, vwarp, configuration.
📝 Descripción y política de contenido
El autor describe el recurso como un espacio para expresar opiniones subjetivas:
“We study, test, and innovate against censorship barriers — building tools, strategies, and communities that keep the open internet alive.”
Gracias a la alta frecuencia de actualizaciones (últimos datos recibidos el 17 junio, 2026), el canal mantiene la vigencia y un amplio alcance. La analítica demuestra que la audiencia interactúa activamente con el contenido, lo que lo convierte en un punto de referencia dentro de la categoría Tecnologías y Aplicaciones.
15 761
Suscriptores
-3524 horas
-1327 días
-64130 días
Archivo de publicaciones
15 761
The firewall required a routing update, and several CDN service IPs were added to enable access for certain government‑affiliated individuals and organizations.
We have successfully injected most of the IP ranges from the company’s cloud-based NS (AWS, Akamai, etc.) into the routing table. The changes are currently propagating and are expected to be fully applied by 06:00 AM Iran local time. Connectivity should now be smoother, allowing most users to connect more easily.
For now, focus on the following ranges (eventually, the full subnets will be applied):
2.144.x.x/24
3.160.x.x/20
18.154.x.x/24
23.49.x.x/20
You can also scan the range under 50.x.x.x, which has now been fully applied.
15 761
We performed a controlled lab test on several messaging apps. Observations are based solely on network traffic; no payload decryption or app reverse engineering was done.
1. DNS behavior
Some apps (e.g., Bale) requested DNS from multiple sources outside the device’s configured servers.
At least three DNS servers were contacted, all located outside the country.
2. Tunnel-flag behavior
When the tunnel flag was toggled on and off (no real network change), some apps behaved unusually.
Eita repeatedly closed otherwise successful server connections when the tunnel was on.
This behavior did not occur when the tunnel was off.
3. DNS resolution inconsistencies
Eita sometimes resolved a domain to an IP (e.g., a.b.c.d) but connected to a different IP (e.g., a.b.c.e), ignoring the resolved IP for extended periods.
4. Reconnection and traffic patterns
Eita repeatedly re-established connections after closing them.
We saw forground netowork activity in app that firts thought is for notifications.
We tested with a chat message showed the app did not load the message or notifications.but meanwhile
Upload traffic volume was much higher than download, which is not typical for getting notification request
5. Comparison with other apps
Rubika: similar to Eita, opening multiple connections to different servers, sending data, and closing connections frequently.
Bale: maintained a single, persistent TCP connection to its server, behaving normally.
These apps exhibit unusual and potentially suspicious network behavior.
Some easy to undrestand info are in the zip below:
15 761
New leak from Iran's regime censorship docs:
They’ve got ways to spot Starlink users and people on VPNs.
Some popular Iranian apps come bundled with hidden networking scripts that run in the background.
These scripts keep sending DNS queries and TCP requests outside your network — even when VPN is active (and in some apps, it doesn't even care if VPN is on).
They do it in 3 main ways:
to public/blocked servers (just to check if they connect)
to regime-controlled endpoints (to figure out how you're connecting)
to special DNS resolvers (to detect your leaks/IP)
Then they collect all this data and either send you threatening messages or pinpoint if you're on Starlink.
Be careful what apps you run. Stay sharp.
we may publish a complete report later , but for now just learn to use app proxing or split tunneling
15 761
We are watching the traffic coming from Iran, and it’s starting to look unusual.
Some techniques that previously worked are now widely used, and they have become visible at the firewall level.
Let me give you some advice.
When you play chess against an opponent who is more experienced, has studied your games, and already controls the center of the board, you don’t rush your queen into the middle. The center is where the board is most contested. If your opponent already controls those squares, placing your most valuable piece there only makes it an easy target.
Instead, strong players develop quietly, protect their pieces, and look for indirect ways to challenge control of the board.
The Thirty-Eight Barrier is close to run !
15 761
Until the data centers be inaccessible, why dont we just do the below?
We have tested the implementation and saw its benefits 😉
https://telegra.ph/The-Idea-of-dns-multiplexing-03-08
15 761
We pulled gigabytes of data straight from Iran's regime censorship network.
Inside:
Millions of IPs whitelisted during shutdowns (external ones locals use + the ones they allow)
Their plans to hunt down Starlink terminals inside the country
Ways they try to trace who’s still online during blackouts
and plenty more
We’ll drop some parts that can actually help people get to the free internet.
15 761
Sample ips for dns are as below:
(They are other ranges that are open now, scan and find out )
102.133.160.77
102.133.139.154
102.133.235.79
102.133.128.244
102.22.82.129
102.22.81.212
102.22.82.17
102.22.81.249
102.22.27.125
102.22.82.53
102.22.83.78
102.22.81.20
102.22.81.195
102.22.83.114
102.22.83.149
102.22.83.72
102.22.81.122
102.22.83.102
102.22.195.246
102.22.108.25
102.22.81.37
102.22.80.182
102.22.81.140
102.22.83.155
102.22.82.5
102.22.82.45
102.22.82.94
102.22.82.242
102.23.163.244
102.23.226.71
102.23.226.70
102.37.158.250
102.37.142.149
15 761
CIDRS can be calculated wrongly
We shouldnt write such important things in notepad though
Someone will accidentally come and replace range 103 with 102
Or just adds an ip like 217.60... at the end of 217.219 range
Or maybe worse
Opens a hole 195 range
We should be carefull !
15 761
The iran government preparing itself for a complete cut out on emergency.
Ive been told that they want to cut out the chain of connection in domestic internet so they dont let people share there tools to connect to international internet.
They plan to :
- Block the free fileshare services on mobile ISP's .
- block sharing links and content in all domestic messengers vastly.
- threatening people blindly by sending sms massages.
- gathering info about remaining connected vpns from vpn channels and groups manually or using crawlers like sparta to block them
These are happening right now.
In this situation i suggest three things:
-learn how to share youre files from youre computer for the hole internet (it is possible).
- send the links in base64 or be creative .there are otherways sending links and configs to people.
- for channels its better to send there configs in base64 or other creative ways.
We are going to help publicly or anonymously too.
15 761
The clinic and the edge router up to north had to be reset based
Well thats some work 😅
15 761
Nice job boy searching for internal servers to find proxy
A liitle mistke you did! But We will erase youre trace
No worries 😉
15 761
Public dns servers like : google , cloudflare and quad9 will be closed soon in iran .
ReScan and replace those in youre configs.
