diff --git a/src/modules/parcel-sync/services/epay-client.ts b/src/modules/parcel-sync/services/epay-client.ts
index 25e5dbb..e83f5e0 100644
--- a/src/modules/parcel-sync/services/epay-client.ts
+++ b/src/modules/parcel-sync/services/epay-client.ts
@@ -216,14 +216,42 @@ export class EpayClient {
       throw new Error("ePay login failed (no session cookie)");
     }
 
-    // Navigate to ePay to establish JSESSIONID (if not already there)
-    const hasJsessionId = allCookies.some((c) => c.key === "JSESSIONID");
-    if (!hasJsessionId) {
-      await this.client.get(`${BASE_URL}/LogIn.action`, {
-        timeout: DEFAULT_TIMEOUT_MS,
-        maxRedirects: 5,
-        validateStatus: () => true,
-      });
+    // Navigate to ePay to establish JSESSIONID
+    // CRITICAL: ePay's goto URL is HTTP (http://epay.ancpi.ro:80), not HTTPS.
+    // The AMAuthCookie must be sent to this exact URL for ePay to create a session.
+    const epayUrls = [
+      "http://epay.ancpi.ro:80/epay/LogIn.action",
+      "http://epay.ancpi.ro/epay/LogIn.action",
+      `${BASE_URL}/LogIn.action`,
+    ];
+
+    let jsessionEstablished = false;
+    for (const epayUrl of epayUrls) {
+      try {
+        const epayResponse = await this.client.get(epayUrl, {
+          timeout: DEFAULT_TIMEOUT_MS,
+          maxRedirects: 5,
+          validateStatus: () => true,
+        });
+        const epayHtml = String(epayResponse.data ?? "");
+
+        // Check if we got the logged-in page (has credit info or user menu)
+        if (
+          epayHtml.includes("credit") ||
+          epayHtml.includes("LogOut") ||
+          epayHtml.includes("Istoric")
+        ) {
+          jsessionEstablished = true;
+          console.log(`[epay] Session established via ${epayUrl}`);
+          break;
+        }
+      } catch {
+        // Try next URL
+      }
+    }
+
+    if (!jsessionEstablished) {
+      console.warn("[epay] Could not establish ePay session, but AMAuthCookie is set.");
     }
 
     console.log("[epay] Login successful.");