16 July, 2026

Addressing Unauthorized Brand-Impersonating Download Services

UDRP Cases

Instagram, LLC successfully transferred the domains savegram.app and savegram.info from Le TongMinh Luong. The panel ruled that the sites’ unauthorized use of trademarked terms to offer content downloading tools created consumer confusion and constituted bad faith.

Case Snapshot

Case Number D2026-1954
Complainant Instagram, LLC
Respondent Le TongMinh Luong
Disputed Domain
savegram.appsavegram.info
Threat Tactic Traffic Diversion
Decision Date 2029-06-29
Panelist Torsten Bettinger
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2026-1954

Business and Security Risks of Unauthorized Brand-Affiliated Utility Sites

The operation of ‘SaveGram’ domains represents a significant risk to brand trust and user security by providing unauthorized third-party utility services that mimic official platform functionality. By leveraging the Instagram, IG, and GRAM trademarks, these websites intentionally induce consumer confusion regarding their source, affiliation, and endorsement. This tactic not only dilutes the perceived exclusivity of the official service but also presents operational risks, as the Complainant has no oversight or control over how third-party operators scrape, process, or store data harvested from its platform. Such unauthorized intermediaries intercept user traffic under the guise of legitimate service extensions, creating a direct vector for potential abuse.

Furthermore, the reliance on coordinated domain management, evidenced by identical branding, naming patterns, and shared contact information across multiple TLDs, points to a sophisticated approach to domain monetization. The respondent’s failure to participate in the UDRP process—despite proper notification—highlights the ephemeral nature of these operations, which often prioritize rapid traffic acquisition for commercial gain before shifting to new infrastructure. For brand owners, these incidents underscore the need for proactive monitoring of domain registrations that combine core brand elements with descriptive utility keywords, as these sites can undermine user confidence by creating a false sense of security regarding the safety and legitimacy of third-party content-downloading tools.

Strategic Consolidation and Evidence-Based Bad Faith Analysis

The Complainant’s success in Case D2026-1954 rested on a robust consolidation strategy that linked multiple domain names—savegram.app and savegram.info—under common control. By documenting identical branding, consistent contact email addresses, and uniform website functionality that leveraged the INSTAGRAM trademark, the Complainant effectively neutralized the Respondent’s attempts to obscure ownership. This approach provided the panel with clear evidence that the disparate domains were part of a unified operation designed to divert traffic and confuse consumers. The strategy of showcasing the functional nexus—specifically the tools enabling unauthorized downloads from the platform—established that the domains were not merely passive holdings but active instruments of infringement.

Furthermore, the Complainant leveraged the Respondent’s failure to participate in the proceedings to streamline the UDRP analysis. By presenting detailed evidence of trademark registrations for INSTAGRAM, INSTA, IG, and GRAM, the Complainant demonstrated that the Respondent had no plausible claim to legitimate interests. The persuasive weight of the case relied on the deliberate synthesis of the brand name with descriptive keywords, which created an unavoidable likelihood of confusion regarding official endorsement. Ultimately, the Complainant’s ability to map the technical and commercial infrastructure of these sites allowed the panel to conclude that the registration and use of the domains clearly satisfied the criteria for bad faith under paragraph 4(b)(iv) of the Policy.

Practical Recommendations

  • Consolidate multiple infringing domains into a single UDRP filing by identifying indicators of common control, such as identical contact email addresses, shared branding, and uniform service offerings, to increase procedural efficiency.
  • Utilize registrar verification early in the dispute process to reveal underlying registrant information, even when privacy services are initially used, to accurately identify the respondent and confirm patterns of abuse.
  • Document the specific technical workflow of unauthorized services—such as content scraping tools requiring URL inputs—to substantiate claims of bad faith usage under paragraph 4(b)(iv) of the UDRP policy.
  • Explicitly argue that domain suffixes (e.g., .app, .info) should be disregarded in similarity analysis, allowing panels to focus on the core trademark infringement within the domain name itself.
  • Prepare comprehensive evidence regarding trademark registration dates and the global recognition of your marks to demonstrate that the respondent had constructive, if not actual, knowledge of your IP rights at the time of domain registration.

Frequently Asked Questions (FAQ)

Why were the domains savegram.app and savegram.info considered confusingly similar to Instagram’s trademarks?

The WIPO panel found that the disputed domains incorporated the ‘GRAM’ trademark in its entirety and evoked the well-known ‘INSTAGRAM’ mark, as ‘gram’ is widely associated with the Complainant’s brand. The inclusion of the prefix ‘save’ specifically targeted users looking for content-downloading tools for the Instagram platform.

What evidence proved the respondent lacked rights or legitimate interests in the disputed domains?

Instagram, LLC demonstrated that the respondent had no relationship with the company and had never been authorized or licensed to use the INSTAGRAM, INSTA, or GRAM trademarks. Furthermore, the respondent failed to provide any evidence of rights or legitimate interests and did not file a formal response to the complaint.

How did the panel establish bad faith in the registration and use of these specific domains?

Bad faith was proven under paragraph 4(b)(iv) of the UDRP policy. The panel noted that the respondent intentionally registered the domains to attract internet users for commercial gain by creating a likelihood of confusion, specifically by offering unauthorized downloading tools that falsely implied an affiliation or endorsement by the Complainant.

What key indicators allowed the panel to conclude the two domains were under common control?

The panel identified multiple indicators of common control, including that both websites utilized identical contact email addresses, mirrored naming patterns (combining ‘save’ with ‘gram’), and provided substantially similar unauthorized utility services for Instagram content, all of which pointed to a singular operator.

Losing traffic to unauthorized third-party downloaders?

Like the Instagram ‘SaveGram’ case, unauthorized platforms often hijack brand traffic by offering illegitimate tools. Learn how to identify common control and recover domains effectively.

Assess traffic diversion

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.