5 May, 2026

WIPO Shuts Down Regional Redirection and Unauthorized App Downloads on instaplus.gold

UDRP Cases

Instagram, LLC successfully recovered three disputed domains—instagold.download, instaplus.gold, and instaplusgold.app—after a WIPO panel ruled they were registered and used in bad faith. The respondent leveraged the well-known INSTA trademark to host an Arabic-language site distributing unauthorized modified versions of the Instagram application. Panelist Nicholas Weston ordered all three domains transferred to the Complainant.

Case Snapshot

Case Number D2026-0191
Complainant Instagram, LLC
Respondent Assem Mahgoob, assem
Disputed Domain
instagold.downloadinstaplus.goldinstaplusgold.app
Threat Tactic Brand Plus Keyword
Decision Date 2026-02-27
Panelist Nicholas Weston
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2026-0191

Erosion of App Ecosystem Integrity and Multilayered Traffic Diversion Risks

The exploitation of the well-known INSTA and INSTAGRAM trademarks combined with descriptive terms like ‘plus’ and ‘gold’ across various generic Top-Level Domains (gTLDs)—specifically .download, .gold, and .app—illustrates a targeted strategy to dilute proprietary software ecosystems. By hosting an Arabic-language website that offered unauthorized, modified versions of the Complainant’s application, the Respondent directly intercepted users in regional markets. This unsanctioned software distribution undermines the brand owner’s strict control over its software security, features, and brand presentation, creating a parallel marketplace that exploits the Complainant’s established global goodwill without authorization.

Furthermore, the Respondent’s deployment of a multi-hop redirection architecture presents a complex threat to consumer trust. The domain instagold.download was designed as a deceptive update page that redirected visitors directly to instaplus.gold. This multi-layered tactic misleads consumers by mimicking official software update pathways, significantly raising the risk of user confusion and eroding public confidence in the brand’s digital distribution channels. For intellectual property and brand protection professionals, this highlights how bad actors construct fragmented user journeys across multiple registry points and gTLDs to shield their operations from rapid detection and takedown.

Finally, the strategic incorporation of the non-resolving domain instaplusgold.app demonstrates the threat of passive holding in alternative registry spaces. Although this third domain did not resolve to an active website at the time of the WIPO proceeding, its registration served to block the Complainant and reserve high-value brand-adjacent terms. This case emphasizes the critical defensive gaps left when brands fail to secure key iterations involving ‘plus’ and ‘gold’ across emerging gTLDs, giving bad actors the leverage to pre-emptively register these domains and use them as part of broader, bad-faith distribution campaigns.

Portfolio-Level Enforcement Against Multi-TLD Redirection and App Exploitation

The Complainant’s strategy succeeded by presenting a unified case against three distinct domain states, proving they were part of a coordinated traffic-diversion network. By leveraging its established global portfolio of trademark registrations for both INSTA and INSTAGRAM, the Complainant demonstrated that its rights long predated the Respondent’s registrations. Instagram, LLC successfully mapped the interactive relationship between the domains, showing how instagold.download redirected users to instaplus.gold to distribute unauthorized, modified Arabic-language versions of its application. For the third, passively held domain, instaplusgold.app, the Complainant successfully argued that inactive holding in the context of an abusive multi-domain scheme does not constitute a bona fide offering of goods or services under the Policy, leading Panelist Nicholas Weston to order a complete transfer of all three properties.

From a brand protection perspective, this case underscores the critical need for brand owners to defend not only their primary brand names but also recognized abbreviations across diverse generic Top-Level Domains (gTLDs). The Respondent targeted specific regional audiences by combining the famous INSTA mark with common software-related terms like ‘plus’ and ‘gold’ under .gold, .app, and .download extensions. The Complainant’s victory confirms that adding generic terms to a registered trademark cannot prevent a finding of confusing similarity. For intellectual property professionals, this highlight the importance of securing rapid transfers against multi-hop domain redirect setups that bypass primary application stores, even when targeting niche regional markets or utilizing passive holding strategies to evade detection.

Practical Recommendations

  • Monitor high-risk, software-oriented gTLDs (such as .download, .app, and .gold) for core trademarks combined with premium software-associated suffixes like ‘plus’ or ‘gold’ to detect unauthorized app distribution channels early.
  • Consolidate multiple domains in a single UDRP filing when combating multi-hop redirection tactics, ensuring that both active redirecting domains (e.g., .download and .gold) and passive reserve domains (e.g., .app) are resolved in a unified legal action.
  • Formulate a targeted defensive registration strategy for core and abbreviated brand names (like INSTA) coupled with premium modifiers (‘plus’, ‘gold’) within key gTLDs to close defensive gaps in regional markets.
  • Leverage the passive holding doctrine during UDRP proceedings to secure the transfer of inactive domains (such as instaplusgold.app) by demonstrating they are part of a broader, bad-faith ecosystem designed to exploit brand goodwill.

Frequently Asked Questions (FAQ)

Why did the panel determine that domains like instaplus.gold were confusingly similar to Instagram’s trademarks?

The Panelist ruled that the addition of generic terms such as ‘plus’ and ‘gold’ to the protected ‘INSTA’ and ‘INSTAGRAM’ trademarks does not distinguish the domains from the complainant’s brand. The inclusion of these terms, combined with various gTLDs like .gold, .app, and .download, was found insufficient to avoid consumer confusion.

What evidence did the panel cite to prove the respondent lacked rights or legitimate interests in these domains?

The panel noted that the respondent was not a licensee or affiliate of Instagram, LLC, and had no authorization to use the trademarks. Furthermore, the use of the domains to distribute unauthorized, modified versions of the Instagram application—specifically branded as ‘Instagram Gold’—cannot constitute a bona fide offering of goods or services under the UDRP policy.

How was ‘bad faith’ established regarding the registration and use of the disputed domains?

Bad faith was proven by the respondent’s intentional exploitation of the well-known ‘INSTA’ mark to attract traffic and target users. By creating a multi-step redirection process from instagold.download to instaplus.gold, the respondent leveraged the complainant’s reputation to distribute unsanctioned software modifications.

What was the practical outcome of this case for the disputed domains?

Following the ruling by Panelist Nicholas Weston on February 27, 2026, the WIPO panel ordered the immediate transfer of all three disputed domains—instagold.download, instaplus.gold, and instaplusgold.app—from the respondent to Instagram, LLC.

Detected: Brand-Plus-Keyword Domains

Bad actors often combine your brand with terms like ‘plus’ or ‘gold’ to distribute unauthorized software. Does your current monitoring strategy identify these deceptive variations before they impact your users?

Assess brand threat

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.