How Vinted detects bots — the real answer in 2026

Where the "Vinted detects extensions" myth comes from

You've definitely read it, on a forum or a Discord: "Vinted detected my Chrome bot, I got shadowbanned in 48h". And you're wondering if the same is going to happen to you.

The truth is more nuanced. Vinted doesn't "see" the extension. From the server side, an HTTP request emitted by a Chrome extension is indistinguishable from a request emitted by a human clicking through the interface — same API endpoints, same session cookies, same browser. The extension doesn't add an "I am a bot" signature to its requests.

What Vinted detects is the pattern of those requests. And that's where it all plays out.

How anti-bot detection actually works on Vinted

Like any modern platform, Vinted uses a multi-signal approach. Not a single criterion that gets you banned, but a combination of signals that, together, raise a "risk score". Past a certain threshold, Vinted applies a restriction — shadowban, visibility throttling, temporary suspension, or in extreme cases an outright ban.

Here are the 6 main signals Vinted watches in practice, in order of importance.

Signal #1 — Cadence too regular (the absolute killer)

This is by far the most powerful signal. A human never acts at fixed intervals. You click on an item, you hesitate, you read the description, you go back, you click somewhere else, you get interrupted by a message, you come back. Your timings between actions look like: 47s, 2min12, 8s, 1min04, 23s, 5min, and so on.

A poorly designed bot does: 60s, 60s, 60s, 60s, 60s, 60s. Seen from the server, that's a giant red flag. A simple statistical analysis detects this pattern in a few minutes: "this user emits requests at near-constant intervals. Probability of being human: low."

The fix: random jitter. Instead of waiting exactly 5 minutes between two reposts, your tool waits between 3 and 12 minutes, with a non-uniform distribution. Every serious bot does this by default.

Signal #2 — No night pauses, no quiet hours

A human sleeps. A human eats. A human has a job. Across a normal Vinted seller's day, you'll observe:

• Little to no activity between midnight and 7 a.m.
• Morning peak (8–11 a.m.) before work
• A trough during the day (12 p.m.–5 p.m.)
• Evening peak (7–11 p.m.) — the biggest one
• No activity on Sunday mornings, etc.

A bot that reposts 50 items at 3 a.m., then 50 more at 6 a.m., then 50 more at 9 a.m., at sustained cadence 24/7, is a strong signal. No real seller does that.

The fix: active time window. Your tool only acts within a defined window (e.g. 8 a.m.–11 p.m.), with a strict night pause.

Signal #3 — Abnormal volume for the profile

Vinted knows your history. An account that reposted 5 items a day for 6 months and suddenly starts reposting 100 a day is suspicious. Not because 100/day is forbidden in absolute terms — a legit pro seller can do it — but because the sudden change is abnormal.

The (unofficial) thresholds observed in the community, beyond which risk climbs fast:

• More than 20 actions/hour sustained over several hours
• More than 50 reposts/day
• More than 30 follows/day
• More than 200 messages/day

The fix: daily cap. Every safely-calibrated bot (Redrip, Dotb…) enforces a cap by default, generally aligned with these thresholds.

Signal #4 — Inconsistent browser fingerprint

Every browser has a unique signature: Chrome version, OS, language, screen resolution, time zone, installed fonts, plugins, WebGL renderer, canvas hash. That's the "device fingerprint". Vinted computes it on every session.

Suspicious signal: your fingerprint changes radically from one session to the next (e.g. you were on Chrome 128 / macOS / FR in the morning, you switch to Firefox 119 / Windows / EN at noon, back to Chrome 128 in the evening). Unless you actually own several devices, that's a flag for fingerprint spoofing — often associated with multi-accounting or bots running in headless browsers.

The fix: a serious bot never alters your fingerprint. It acts inside your real browser, with your real headers. Be wary of tools that ask you to install a dedicated "anti-detect browser" — often it's riskier than protective.

Signal #5 — Shared IP across multiple accounts

If several Vinted accounts log in from the exact same public IP, especially in a short timeframe, Vinted detects it. It's one of the strongest signals because it's technically trivial to monitor server-side.

Typical cases:

• You run 3 Vinted accounts from the same home fiber connection → detected within days
• You use cheap shared proxies → the IP is already flagged by other bots
• You run several bots on the same VPS → catastrophic

The fix: 1 IP = 1 account. If you do multi-accounting (already risky, see our guide), use distinct residential connections (mobile 4G, a different location, etc.).

Signal #6 — Identical replies in a loop

If you use a bot's AI auto-reply and it sends the same message to 50 buyers in an hour with no variation, that's trivially detectable. Vinted can hash every message sent and detect exact duplicates.

Same goes for offers to favoriters: if every user who likes an item receives "Hi, -10% if you grab it now" word for word, it's a bot pattern.

The fix: variation. Serious AI bots generate each message from context (buyer's language, item being discussed, tone), so every reply is unique. If your tool uses fixed templates, manually add several variants.

Recap table — risk per signal

What Vinted DOES NOT detect

To rebalance the fear around the topic, here's what does not get you banned:

• Having a Chrome extension installed — Vinted does not "see" your installed extensions, that's technically impossible from the server side
• Reposting often — as long as you stay under the cap and use jitter, you can repost as much as you want
• Using Vinted's public API — public endpoints are designed to be called, the browser does it on every click
• Sending lots of messages — as long as they're real conversations with buyers, not identical mass spam
• Having a recent account — a 6-month-old account can do what a 5-year-old account does, at comparable volume

How Vinted enforces the sanction (least to most severe)

If Vinted detects suspicious behavior, the sanction is progressive:

1. Visibility throttling (light shadowban): your items get less push in the feed and search. You see your views drop with no explanation. Reversible by cutting volume.
2. Full shadowban: your items no longer show up in search for other users. You can see them, they can't. See our shadowban guide for diagnosis.
3. Temporary suspension: 24–72h with no access. Email from Vinted mentioning "unusual activity".
4. Permanent ban: account closed, funds temporarily frozen. Rare and reserved for clearly abusive behavior (massive multi-accounting, heavy scraping, spam).

The vast majority of "Vinted bot bans" you read about on Reddit are actually level 1 or 2 shadowbans, and reversible.

What to do if you get detected

1. Stop the automation tool immediately for 7–14 days
2. Only run manual actions during that period — log in, reply by hand, post 1–2 items per day
3. Do not call Vinted support. A call draws human attention onto your account and can turn a routine restriction into a deep review.
4. Resume gradually with cadences half as aggressive as the original

90% of shadowbans that lift naturally do so within 2–4 weeks with this protocol.

The 3-sentence summary

1. Vinted does not detect Chrome extensions — it detects automated behavior that is too obvious (fixed cadence, excessive volume, no pauses, shared IP).
2. A well-calibrated bot (jitter, cap, night pause, 1 IP per account) is statistically indistinguishable from a very active seller.
3. If you get shadowbanned, it's almost always reversible by stopping for 7–14 days and ramping back up gently.

FAQ — Vinted bot detection

Can Vinted detect an installed Chrome extension?

No, not directly. An extension runs on the browser side (client), invisible to Vinted's server. What Vinted sees are the HTTP requests sent from your browser, which are identical to those you'd produce by clicking manually.

How many actions per hour does Vinted consider suspicious?

No public threshold, but community observation suggests: more than 20 actions/hour sustained, more than 50 reposts/day, more than 30 follows/day, or several accounts from the same IP are thresholds to avoid.

Can a bot really be undetectable?

In practice yes, if it respects the 6 rules: jitter, cap, night pause, 1 IP per account, stable fingerprint, varied messages. Statistically, you become indistinguishable from a very active seller. Suspended accounts are almost always those that neglected at least 2 of these rules.

How do I know if I've already been detected?

Simple test: open a private browsing window, search for one of your items using its exact title. If it doesn't appear, you're shadowbanned. See our full guide on shadowban symptoms.

Does Vinted read the content of my automated messages?

Probably yes, partially. At minimum for anti-spam hashing (detecting duplicate messages). Beyond that, Vinted likely uses ML classifiers to flag scam patterns. Stick to natural, varied messages and you have nothing to worry about.

Should I use a VPN or proxy for my Vinted bot?

No, unless you're doing multi-accounting (not recommended). A VPN adds noise (shifting IP, inconsistent geolocation) which can itself trigger detection. Stay on your normal residential connection.

My account is brand new — am I being watched more closely?

Slightly yes — accounts under 30 days old are scrutinized more carefully to weed out fake accounts. The fix: start gently. Post 5–10 items by hand for the first two weeks, then gradually turn on automation.

Also read: Automating Vinted: is it legal?, Vinted shadowban: 7 signs and causes, Vinted bots 2026: the full comparison.