cdp-edge 1.2.0

package/server-edge-tracker/worker.js

@@ -0,0 +1,2574 @@
+/**
+ * CDP Edge Server — server-edge-tracker.seu-usuario.workers.dev
+ * Meta CAPI v22.0 + GA4 Measurement Protocol + TikTok Events API + D1
+ * Cloudflare Workers (plano gratuito)
+ *
+ * Endpoints:
+ *   POST /track           → evento do browser (PageView, Lead, Purchase…)
+ *   POST /webhook/ticto   → compra confirmada pela Ticto (v2 JSON)
+ *   GET  /health          → status do Worker
+ *
+ * Secrets (configurar via: wrangler secret put NOME):
+ *   META_ACCESS_TOKEN    → token da Conversions API Meta
+ *   GA4_API_SECRET       → secret do Measurement Protocol (GA4 → Admin → Data Streams → API secrets)
+ *   TIKTOK_ACCESS_TOKEN  → token da TikTok Events API (TikTok for Business → Assets → Events → Web Events → Manage → API)
+ *   META_TEST_CODE       → só em testes (ex: TEST12345) — remover em produção
+ */
+
+// ── Constantes ────────────────────────────────────────────────────────────────
+const META_PIXEL_ID      = '1234567890123456';        // Substitua pelo seu Pixel ID
+const GA4_MEASUREMENT_ID = 'G-XXXXXXXXXX';            // Substitua pelo seu ID GA4
+const TIKTOK_PIXEL_ID    = 'CXXXXXXXXXXXXXXX';        // Substitua pelo seu Pixel TikTok
+const ALLOWED_ORIGINS    = [
+  'https://seu-dominio.com.br',                       // Substitua pelo URL absoluto de origem do seu funil
+  'https://seu-worker-tracking.seu-usuario.workers.dev', // URL real do Cloudflare Worker para CORS
+  'http://localhost:3000',                            // Desenvolvimento local Next
+  'http://localhost:5173',                            // Desenvolvimento local Vite
+];
+
+// ── SHA-256 via WebCrypto (obrigatório no Cloudflare Workers) ─────────────────
+async function sha256(value) {
+  if (!value) return undefined;
+  const clean = String(value).toLowerCase().trim();
+  if (!clean) return undefined;
+  const buf = await crypto.subtle.digest(
+    'SHA-256',
+    new TextEncoder().encode(clean)
+  );
+  return Array.from(new Uint8Array(buf))
+    .map(b => b.toString(16).padStart(2, '0'))
+    .join('');
+}
+
+// ── Normalização de telefone → somente dígitos + DDI 55 ──────────────────────
+function normalizePhone(phone) {
+  if (!phone) return undefined;
+  let digits = String(phone).replace(/\D/g, '');
+  if (digits.length === 11 && !digits.startsWith('55')) digits = '55' + digits;
+  if (digits.length === 10 && !digits.startsWith('55')) digits = '55' + digits;
+  return digits.length >= 10 ? digits : undefined;
+}
+
+// ── Normalização de cidade → lowercase sem acentos ────────────────────────────
+function normalizeCity(city) {
+  if (!city) return undefined;
+  return String(city)
+    .toLowerCase()
+    .normalize('NFD')
+    .replace(/[\u0300-\u036f]/g, '')
+    .replace(/[^a-z0-9]/g, '');
+}
+
+// ── CORS ──────────────────────────────────────────────────────────────────────
+function corsHeaders(origin) {
+  const allowed = ALLOWED_ORIGINS.includes(origin) ? origin : ALLOWED_ORIGINS[0];
+  return {
+    'Access-Control-Allow-Origin':  allowed,
+    'Access-Control-Allow-Methods': 'POST, GET, OPTIONS',
+    'Access-Control-Allow-Headers': 'Content-Type, X-Requested-With',
+    'Access-Control-Max-Age':       '86400',
+  };
+}
+
+// ── Meta CAPI v22.0 ───────────────────────────────────────────────────────────
+async function sendMetaCapi(env, eventName, payload, request, ctx) {
+  const {
+    email, phone, firstName, lastName,
+    city, state, country,
+    zip, dob,
+    fbp, fbc, userId,
+    eventId, pageUrl,
+    value, currency,
+    contentIds, contentName, contentType, numItems,
+  } = payload;
+
+  const phoneNorm   = normalizePhone(phone);
+  const countryCode = (country || request.cf?.country || 'br').toLowerCase();
+  const stateCode   = state ? String(state).toLowerCase() : undefined;
+  const cityNorm    = normalizeCity(city);
+
+  // user_data — hashear tudo com SHA-256 antes de enviar
+  const userData = {
+    ...(email      && { em:       await sha256(email) }),
+    ...(phoneNorm  && { ph:       await sha256(phoneNorm) }),
+    ...(firstName  && { fn:       await sha256(firstName) }),
+    ...(lastName   && { ln:       await sha256(lastName) }),
+    ...(cityNorm   && { ct:       await sha256(cityNorm) }),
+    ...(stateCode  && { st:       await sha256(stateCode) }),
+    ...(countryCode && { country: await sha256(countryCode) }),
+    ...(userId     && { external_id: await sha256(String(userId)) }),
+    ...(zip        && { zp:         await sha256(zip) }),
+    ...(dob        && { db:         await sha256(dob) }),
+    ...(fbp        && { fbp }),   // cookies NÃO são hasheados
+    ...(fbc        && { fbc }),
+    client_ip_address: request.headers.get('CF-Connecting-IP')
+                    || request.headers.get('X-Forwarded-For')
+                    || '',
+    client_user_agent: request.headers.get('User-Agent') || '',
+  };
+
+  // custom_data — dados do produto/valor
+  const customData = {
+    ...(value       !== undefined && { value: parseFloat(value) }),
+    ...(currency    && { currency: String(currency).toUpperCase() }),
+    ...(contentIds  && contentIds.length > 0 && { content_ids: contentIds }),
+    ...(contentName && { content_name: contentName }),
+    ...(contentType && { content_type: contentType }),
+    ...(numItems    && { num_items: parseInt(numItems) }),
+  };
+
+  const eventPayload = {
+    event_name:       eventName,
+    event_time:       Math.floor(Date.now() / 1000),
+    event_id:         eventId || `cdp_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`,
+    event_source_url: pageUrl || `https://server-edge-tracker.suporte-ed9.workers.dev`,
+    action_source:    'website',
+    user_data:        userData,
+    ...(Object.keys(customData).length > 0 && { custom_data: customData }),
+  };
+
+  const requestBody = {
+    data:         [eventPayload],
+    access_token: env.META_ACCESS_TOKEN,
+  };
+
+  // Test Event Code — só em staging, remover em produção
+  if (env.META_TEST_CODE) {
+    requestBody.test_event_code = env.META_TEST_CODE;
+  }
+
+  const endpoint = `https://graph.facebook.com/v22.0/${META_PIXEL_ID}/events`;
+
+  try {
+    const res = await fetch(endpoint, {
+      method:  'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body:    JSON.stringify(requestBody),
+    });
+
+    const data = await res.json();
+
+    if (!res.ok) {
+      const errorCode = data.error?.code || String(res.status);
+      const errorMessage = data.error?.message || data.error?.error_user_msg || 'Unknown error';
+      console.error('Meta CAPI error:', JSON.stringify(data));
+
+      // Log de falha para Feedback Loop
+      if (env.DB) {
+        ctx.waitUntil(logApiFailure(
+          env.DB,
+          'meta',
+          eventName,
+          errorCode,
+          errorMessage,
+          eventPayload.event_id,
+          JSON.stringify(requestBody)
+        ));
+      }
+    }
+
+    return data;
+  } catch (err) {
+    console.error('Meta CAPI fetch failed:', err.message);
+
+    // Log de falha para Feedback Loop
+    if (env.DB) {
+      ctx.waitUntil(logApiFailure(
+        env.DB,
+        'meta',
+        eventName,
+        'FETCH_ERROR',
+        err.message,
+        eventPayload.event_id,
+        JSON.stringify(requestBody)
+      ));
+    }
+
+    return { error: err.message };
+  }
+}
+
+// ── GA4 Measurement Protocol ──────────────────────────────────────────────────
+async function sendGA4Mp(env, ga4EventName, payload, ctx) {
+  if (!env.GA4_API_SECRET) return { skipped: 'GA4_API_SECRET not set' };
+
+  const {
+    clientId, sessionId,
+    value, currency, contentName,
+    email, phone, firstName,
+    orderId,
+  } = payload;
+
+  // GA4 MP exige client_id (cookie _ga)
+  if (!clientId) return { skipped: 'no clientId' };
+
+  const eventParams = {
+    ...(value       !== undefined && { value: parseFloat(value) }),
+    ...(currency    && { currency: String(currency).toUpperCase() }),
+    ...(contentName && { content_name: contentName }),
+    ...(orderId     && { transaction_id: orderId }),
+    ...(email       && { user_data_email_address: email.toLowerCase().trim() }),
+    ...(phone       && { user_data_phone_number: normalizePhone(phone) }),
+    ...(firstName   && { user_data_first_name: firstName.toLowerCase().trim() }),
+    ...(sessionId   && { session_id: sessionId }),
+    engagement_time_msec: 100,
+  };
+
+  const body = {
+    client_id: clientId,
+    events: [{ name: ga4EventName, params: eventParams }],
+  };
+
+  const url = `https://www.google-analytics.com/mp/collect`
+            + `?measurement_id=${GA4_MEASUREMENT_ID}`
+            + `&api_secret=${env.GA4_API_SECRET}`;
+
+  try {
+    const res = await fetch(url, {
+      method:  'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body:    JSON.stringify(body),
+    });
+
+    // GA4 MP retorna 204 em sucesso (sem body)
+    if (res.status !== 204) {
+      // Log de falha para Feedback Loop
+      if (env.DB && ctx) {
+        ctx.waitUntil(logApiFailure(
+          env.DB,
+          'ga4',
+          ga4EventName,
+          String(res.status),
+          'GA4 returned non-204 status',
+          null,
+          JSON.stringify(body)
+        ));
+      }
+    }
+
+    return res.status === 204 ? { ok: true } : { status: res.status };
+  } catch (err) {
+    console.error('GA4 MP fetch failed:', err.message);
+
+    // Log de falha para Feedback Loop
+    if (env.DB && ctx) {
+      ctx.waitUntil(logApiFailure(
+        env.DB,
+        'ga4',
+        ga4EventName,
+        'FETCH_ERROR',
+        err.message,
+        null,
+        JSON.stringify(body)
+      ));
+    }
+
+    return { error: err.message };
+  }
+}
+
+// ── D1 — salvar lead ──────────────────────────────────────────────────────────
+async function saveLead(env, eventName, payload, request, platform = 'website') {
+  if (!env.DB) return;
+  try {
+    const {
+      email, phone, firstName, lastName,
+      city, state, country,
+      fbp, fbc, userId,
+      utmSource, utmMedium, utmCampaign, utmContent, utmTerm,
+      pageUrl, value, currency, eventId, botScore,
+      engagementScore, intentionLevel, utmRestored,
+    } = payload;
+
+    await env.DB.prepare(`
+      INSERT INTO leads (
+        event_name, event_id, email, phone, first_name, last_name,
+        city, state, country, fbp, fbc, user_id,
+        utm_source, utm_medium, utm_campaign, utm_content, utm_term,
+        page_url, value, currency, ip_address, platform, bot_score,
+        engagement_score, intention_level, utm_restored, created_at
+      ) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,datetime('now'))
+    `).bind(
+      eventName,
+      eventId       || null,
+      email         || null,
+      normalizePhone(phone) || null,
+      firstName     || null,
+      lastName      || null,
+      city          || null,
+      state         || null,
+      (country      || request.cf?.country || null),
+      fbp           || null,
+      fbc           || null,
+      userId        || null,
+      utmSource     || null,
+      utmMedium     || null,
+      utmCampaign   || null,
+      utmContent    || null,
+      utmTerm       || null,
+      pageUrl       || null,
+      value !== undefined ? parseFloat(value) : null,
+      currency      || 'BRL',
+      request.headers.get('CF-Connecting-IP') || null,
+      platform,
+      botScore      || 0,
+      engagementScore !== undefined ? parseFloat(engagementScore) : null,
+      intentionLevel || null,
+      utmRestored ? 1 : 0,
+    ).run();
+  } catch (err) {
+    console.error('D1 saveLead error:', err.message);
+  }
+}
+
+// ── D1 — upsert perfil (acumula cookies entre visitas) ───────────────────────
+// ── Cálculo de Cohort Label baseado no score acumulado ───────────────────────
+function calculateCohortLabel(score, eventName) {
+  if (eventName === 'Purchase') return 'buyer_lookalike';
+  if (score >= 80)  return 'high_intent';
+  if (score >= 30)  return 'nurture';
+  return 'lost';
+}
+
+async function upsertProfile(env, eventName, payload, request) {
+  if (!env.DB || !payload.userId) return;
+  try {
+    const {
+      userId, email, phone,
+      fbp, fbc, ttp, gclid, ttclid, gaClientId,
+      city, state, country,
+      engagementScore, userScore,
+    } = payload;
+
+    // Score base por evento + bônus de engajamento do browser
+    const scoreMap = { PageView: 5, ViewContent: 10, ScrollDepth: 3, TimeOnPage: 5, Lead: 30, InitiateCheckout: 50, Purchase: 100 };
+    const eventScore = scoreMap[eventName] || 2;
+
+    // userScore vem do BehaviorEngine (0-100), engagementScore do engagement-scoring.js (0-5)
+    // Normaliza ambos para uma escala de bônus adicional (0-20)
+    const behaviorBonus = userScore
+      ? Math.round((Math.min(userScore, 100) / 100) * 20)
+      : (engagementScore ? Math.round((Math.min(engagementScore, 5) / 5) * 10) : 0);
+
+    const totalDelta = eventScore + behaviorBonus;
+
+    await env.DB.prepare(`
+      INSERT INTO user_profiles
+        (user_id, email, phone, fbp, fbc, ttp, gclid, ttclid, ga_client_id,
+         city, state, country, score, cohort_label, created_at, updated_at)
+      VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,datetime('now'),datetime('now'))
+      ON CONFLICT(user_id) DO UPDATE SET
+        email        = COALESCE(excluded.email,        user_profiles.email),
+        phone        = COALESCE(excluded.phone,        user_profiles.phone),
+        fbp          = COALESCE(excluded.fbp,          user_profiles.fbp),
+        fbc          = COALESCE(excluded.fbc,          user_profiles.fbc),
+        ttp          = COALESCE(excluded.ttp,          user_profiles.ttp),
+        gclid        = COALESCE(excluded.gclid,        user_profiles.gclid),
+        ttclid       = COALESCE(excluded.ttclid,       user_profiles.ttclid),
+        ga_client_id = COALESCE(excluded.ga_client_id, user_profiles.ga_client_id),
+        city         = COALESCE(excluded.city,         user_profiles.city),
+        state        = COALESCE(excluded.state,        user_profiles.state),
+        country      = COALESCE(excluded.country,      user_profiles.country),
+        score        = user_profiles.score + excluded.score,
+        cohort_label = excluded.cohort_label,
+        updated_at   = datetime('now')
+    `).bind(
+      userId,
+      email              || null,
+      normalizePhone(phone) || null,
+      fbp                || null,
+      fbc                || null,
+      ttp                || null,
+      gclid              || null,
+      ttclid             || null,
+      gaClientId         || null,
+      city               || null,
+      state              || null,
+      (country           || request.cf?.country || null),
+      totalDelta,
+      calculateCohortLabel(totalDelta, eventName),
+    ).run();
+  } catch (err) {
+    console.error('D1 upsertProfile error:', err.message);
+  }
+}
+
+// ── D1 — Cross-Device Graph (matching probabilístico) ────────────────────────
+// Quando email ou phone aparecem em outro _cdp_uid, registra o par no device_graph.
+// Não mescla dados — preserva ambos os perfis, apenas cria o link de identidade.
+// O primary_user_id é o perfil mais antigo (mais confiável historicamente).
+async function resolveDeviceGraph(DB, currentUserId, email, phone) {
+  if (!DB || !currentUserId) return;
+  if (!email && !phone) return;
+
+  try {
+    // Busca perfis com mesmo email OU mesmo phone mas _cdp_uid diferente
+    const conditions = [];
+    const bindings   = [];
+
+    if (email) {
+      conditions.push('email = ?');
+      bindings.push(email.toLowerCase().trim());
+    }
+    if (phone) {
+      const digits = String(phone).replace(/\D/g, '');
+      if (digits.length >= 10) {
+        conditions.push('phone LIKE ?');
+        bindings.push(`%${digits.slice(-10)}`);  // sufixo dos últimos 10 dígitos
+      }
+    }
+
+    if (conditions.length === 0) return;
+
+    bindings.push(currentUserId);
+    const rows = await DB.prepare(`
+      SELECT user_id, email, phone, created_at
+      FROM user_profiles
+      WHERE (${conditions.join(' OR ')})
+        AND user_id != ?
+      ORDER BY created_at ASC
+      LIMIT 5
+    `).bind(...bindings).all();
+
+    if (!rows.results || rows.results.length === 0) return;
+
+    for (const match of rows.results) {
+      // Determinar tipo de match e confiança
+      const emailMatch = email && match.email &&
+        email.toLowerCase().trim() === match.email.toLowerCase().trim();
+      const phoneMatch = phone && match.phone && (() => {
+        const a = String(phone).replace(/\D/g, '');
+        const b = String(match.phone).replace(/\D/g, '');
+        return a.slice(-10) === b.slice(-10) && a.length >= 10;
+      })();
+
+      if (!emailMatch && !phoneMatch) continue;
+
+      const matchType       = emailMatch && phoneMatch ? 'email+phone' : (emailMatch ? 'email' : 'phone');
+      const matchConfidence = emailMatch && phoneMatch ? 0.99 : (emailMatch ? 0.95 : 0.85);
+
+      // primary = mais antigo (âncora de identidade)
+      const primary   = match.user_id;    // veio da query ORDER BY created_at ASC
+      const secondary = currentUserId;
+
+      await DB.prepare(`
+        INSERT OR IGNORE INTO device_graph
+          (primary_user_id, secondary_user_id, match_type, match_confidence)
+        VALUES (?, ?, ?, ?)
+      `).bind(primary, secondary, matchType, matchConfidence).run();
+
+      console.log(`[DeviceGraph] Linked ${secondary} → ${primary} via ${matchType} (confidence: ${matchConfidence})`);
+    }
+  } catch (err) {
+    console.error('resolveDeviceGraph error:', err.message);
+  }
+}
+
+// ── Automação de Mensagens — avalia regras e dispara WA/Email ────────────────
+// Chamado via ctx.waitUntil após saveLead() para não bloquear o browser.
+// Requer secrets: WHATSAPP_TOKEN, WHATSAPP_PHONE_NUMBER_ID, RESEND_API_KEY, RESEND_FROM_EMAIL
+async function fireAutomation(env, eventName, leadId, payload) {
+  if (!env.DB) return;
+
+  try {
+    const { results: rules } = await env.DB
+      .prepare(
+        `SELECT id, channel, subject_template, message_template
+         FROM automation_rules
+         WHERE trigger_event = ?1 AND is_active = 1`
+      )
+      .bind(eventName)
+      .all();
+
+    if (!rules || rules.length === 0) return;
+
+    const vars = {
+      name:       String(payload.firstName || payload.name || ''),
+      email:      String(payload.email     || ''),
+      phone:      String(payload.phone     || ''),
+      campaign:   String(payload.utm_campaign || payload.utmCampaign || ''),
+      intention:  String(payload.intentionLevel || payload.intention_level || ''),
+    };
+
+    const interpolate = (tpl) =>
+      tpl.replace(/\{\{(\w+)\}\}/g, (_, k) => vars[k] ?? '');
+
+    for (const rule of rules) {
+      const message = interpolate(rule.message_template);
+      const subject = rule.subject_template ? interpolate(rule.subject_template) : null;
+
+      try {
+        if (rule.channel === 'whatsapp' && payload.phone && env.WHATSAPP_TOKEN && env.WHATSAPP_PHONE_NUMBER_ID) {
+          const digits  = String(payload.phone).replace(/\D/g, '');
+          const e164    = digits.startsWith('55') ? `+${digits}` : `+55${digits}`;
+          const waRes   = await fetch(
+            `https://graph.facebook.com/v22.0/${env.WHATSAPP_PHONE_NUMBER_ID}/messages`,
+            {
+              method: 'POST',
+              headers: { 'Authorization': `Bearer ${env.WHATSAPP_TOKEN}`, 'Content-Type': 'application/json' },
+              body: JSON.stringify({ messaging_product: 'whatsapp', recipient_type: 'individual', to: e164, type: 'text', text: { body: message } }),
+            }
+          );
+          const waData  = await waRes.json();
+          const status  = waRes.ok ? 'sent' : 'failed';
+          const meta    = waRes.ok ? (waData.messages?.[0]?.id ?? null) : JSON.stringify(waData);
+          await env.DB.prepare(
+            `INSERT INTO messaging_history (lead_id, channel, recipient, subject, content, status, meta) VALUES (?1,?2,?3,?4,?5,?6,?7)`
+          ).bind(leadId, 'whatsapp', e164, null, message, status, meta).run();
+
+        } else if (rule.channel === 'email' && payload.email && env.RESEND_API_KEY) {
+          const resendRes  = await fetch('https://api.resend.com/emails', {
+            method: 'POST',
+            headers: { 'Authorization': `Bearer ${env.RESEND_API_KEY}`, 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+              from:    env.RESEND_FROM_EMAIL || 'noreply@cdp-edge.app',
+              to:      [payload.email],
+              subject: subject || `Olá, ${vars.name || 'você'}!`,
+              html:    `<p>${message.replace(/\n/g, '<br>')}</p>`,
+            }),
+          });
+          const resendData = await resendRes.json();
+          const status     = resendRes.ok ? 'sent' : 'failed';
+          const meta       = resendRes.ok ? (resendData.id ?? null) : JSON.stringify(resendData);
+          await env.DB.prepare(
+            `INSERT INTO messaging_history (lead_id, channel, recipient, subject, content, status, meta) VALUES (?1,?2,?3,?4,?5,?6,?7)`
+          ).bind(leadId, 'email', payload.email, subject, message, status, meta).run();
+        }
+      } catch (err) {
+        console.error(`[Automation] rule ${rule.id} error:`, err.message);
+      }
+    }
+  } catch (err) {
+    console.error('[Automation] fireAutomation error:', err.message);
+  }
+}
+
+// ── D1 — buscar perfil por email (para webhooks) ──────────────────────────────
+async function getProfileByEmail(env, email) {
+  if (!env.DB || !email) return null;
+  try {
+    return await env.DB.prepare(
+      'SELECT * FROM user_profiles WHERE email = ? ORDER BY updated_at DESC LIMIT 1'
+    ).bind(email.toLowerCase().trim()).first();
+  } catch {
+    return null;
+  }
+}
+
+// ─────────────────────────────────────────────────────────────────────────────
+// EDGE FINGERPRINT — UTM Resurrection
+// ─────────────────────────────────────────────────────────────────────────────
+
+// ── Edge Geo Enrichment — Workers Paid: cidade, estado, CEP, lat/lon ─────────
+// Free tier:    cf.country, cf.continent, cf.asn (sempre disponíveis)
+// Workers Paid: cf.city, cf.region, cf.regionCode, cf.postalCode,
+//               cf.latitude, cf.longitude, cf.timezone, cf.metroCode
+// Quando Workers Paid não está ativo, os campos Paid retornam undefined
+// e o payload é enriquecido apenas com os dados Free disponíveis.
+// Ao contratar Workers Paid ($5/mês) os dados passam a chegar automaticamente.
+async function enrichGeoFromEdge(request, env, payload) {
+  const cf = request.cf || {};
+  const ip = request.headers.get('CF-Connecting-IP') || '';
+
+  // ── Tentar cache KV (TTL 1h) — evita lookup redundante por IP ────────────
+  let geoData = null;
+  if (env.GEO_CACHE && ip) {
+    try {
+      const cached = await env.GEO_CACHE.get(`geo:${ip}`, 'json');
+      if (cached) geoData = cached;
+    } catch {}
+  }
+
+  if (!geoData) {
+    geoData = {
+      // ── Free tier (sempre disponível) ──────────────────────────────────────
+      country:    cf.country          || null, // 'BR', 'US'
+      continent:  cf.continent        || null, // 'SA', 'NA'
+      asn:        cf.asn              || null, // 7628
+      asOrg:      cf.asOrganization   || null, // 'VIVO (Telefonica Brasil)'
+      colo:       cf.colo             || null, // 'GRU' (datacenter mais próximo)
+      // ── Workers Paid ($5/mês) ───────────────────────────────────────────────
+      city:       cf.city             || null, // 'São Paulo'
+      region:     cf.region           || null, // 'São Paulo' (nome do estado)
+      regionCode: cf.regionCode       || null, // 'SP'
+      postalCode: cf.postalCode       || null, // '01310-100'
+      latitude:   cf.latitude         || null, // '-23.5505'
+      longitude:  cf.longitude        || null, // '-46.6333'
+      timezone:   cf.timezone         || null, // 'America/Sao_Paulo'
+      metroCode:  cf.metroCode        || null, // código de área metropolitana
+    };
+
+    // Salvar no KV por 1h (geo de IP raramente muda)
+    if (env.GEO_CACHE && ip && geoData.country) {
+      try {
+        await env.GEO_CACHE.put(`geo:${ip}`, JSON.stringify(geoData), { expirationTtl: 3600 });
+      } catch {}
+    }
+  }
+
+  // ── Enriquecer payload (edge tem prioridade menor que dados do browser) ───
+  payload.country = payload.country || geoData.country;
+  payload.city    = payload.city    || geoData.city;
+  payload.state   = payload.state   || geoData.regionCode; // 'SP', 'RJ'
+  payload.zip     = payload.zip     || geoData.postalCode;
+
+  // Objeto completo disponível para agentes (Analytics, Attribution, LTV)
+  payload.geo = geoData;
+
+  return geoData;
+}
+
+// ── R2 Audit Log — grava evento consolidado no bucket cdp-edge-logs ──────────
+// Só executa quando env.AUDIT_LOGS estiver disponível (R2 habilitado no CF Dashboard)
+// Chamado via ctx.waitUntil — não bloqueia resposta ao browser
+async function writeAuditLog(env, eventName, payload, geoData) {
+  if (!env.AUDIT_LOGS) return;
+  try {
+    const now = new Date();
+    const y   = now.getUTCFullYear();
+    const m   = String(now.getUTCMonth() + 1).padStart(2, '0');
+    const d   = String(now.getUTCDate()).padStart(2, '0');
+    const key = `logs/${y}/${m}/${d}/${now.getTime()}_${eventName}.json`;
+
+    const log = {
+      timestamp: now.toISOString(),
+      event:     eventName,
+      userId:    payload.userId    || null,
+      eventId:   payload.eventId   || null,
+      value:     payload.value     || null,
+      currency:  payload.currency  || null,
+      ltvClass:  payload.ltvClass  || null,
+      utm: {
+        source:   payload.utmSource   || null,
+        medium:   payload.utmMedium   || null,
+        campaign: payload.utmCampaign || null,
+        content:  payload.utmContent  || null,
+        term:     payload.utmTerm     || null,
+        restored: payload.utmRestored || false,
+      },
+      geo: geoData || null,
+    };
+
+    await env.AUDIT_LOGS.put(key, JSON.stringify(log), {
+      httpMetadata: { contentType: 'application/json' },
+    });
+  } catch (err) {
+    console.error('[R2 Audit] Error:', err.message);
+  }
+}
+
+// ── Gerar fingerprint a partir de signals de borda (sem PII) ─────────────────
+// Combina: ASN (rede do usuário) + Accept-Language + base do User-Agent
+// Efêmero por design: identifica o dispositivo/rede, não a pessoa.
+async function generateEdgeFingerprint(request) {
+  const asn      = String(request.cf?.asn || '0');
+  const lang     = (request.headers.get('Accept-Language') || 'unknown').split(',')[0].trim();
+  const ua       = request.headers.get('User-Agent') || '';
+
+  // Base do UA: apenas plataforma + browser (sem versão — mais estável entre sessões)
+  // Ex: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
+  //  → "windows applewebkit"
+  const uaBase = ua
+    .toLowerCase()
+    .replace(/[\d.]+/g, '')           // remove números de versão
+    .replace(/[^a-z\s]/g, ' ')        // remove caracteres especiais
+    .split(' ')
+    .filter(w => w.length > 3)        // só palavras com >3 chars (remove ruído)
+    .slice(0, 4)                       // pega até 4 tokens
+    .join(' ')
+    .trim();
+
+  const raw = `${asn}|${lang}|${uaBase}`;
+  return sha256(raw);
+}
+
+// ── Salvar fingerprint + UTM no D1 (quando UTM presente) ─────────────────────
+async function saveEdgeFingerprint(DB, fingerprint, userId, payload) {
+  if (!DB || !fingerprint) return;
+  const { utmSource, utmMedium, utmCampaign, utmContent, utmTerm } = payload;
+  if (!utmSource) return; // só salva quando há UTM real
+
+  try {
+    await DB.prepare(`
+      INSERT INTO edge_fingerprints (fingerprint, user_id, utm_source, utm_medium, utm_campaign, utm_content, utm_term)
+      VALUES (?, ?, ?, ?, ?, ?, ?)
+    `).bind(
+      fingerprint,
+      userId      || null,
+      utmSource   || null,
+      utmMedium   || null,
+      utmCampaign || null,
+      utmContent  || null,
+      utmTerm     || null,
+    ).run();
+  } catch (err) {
+    console.error('saveEdgeFingerprint error:', err.message);
+  }
+}
+
+// ── Recuperar UTM perdida por fingerprint (últimas 48h) ───────────────────────
+async function resurrectUTM(DB, fingerprint) {
+  if (!DB || !fingerprint) return null;
+  try {
+    return await DB.prepare(`
+      SELECT utm_source, utm_medium, utm_campaign, utm_content, utm_term
+      FROM edge_fingerprints
+      WHERE fingerprint = ?
+        AND utm_source IS NOT NULL
+        AND created_at > datetime('now', '-48 hours')
+      ORDER BY created_at DESC
+      LIMIT 1
+    `).bind(fingerprint).first();
+  } catch {
+    return null;
+  }
+}
+
+// ── TikTok Events API v1.3 ───────────────────────────────────────────────────
+async function sendTikTokApi(env, eventName, payload, request, ctx) {
+  if (!env.TIKTOK_ACCESS_TOKEN) return { skipped: 'TIKTOK_ACCESS_TOKEN not set' };
+
+  const pixelId = env.TIKTOK_PIXEL_ID || TIKTOK_PIXEL_ID;
+  if (!pixelId || pixelId === 'SEU_TIKTOK_PIXEL_ID') return { skipped: 'TIKTOK_PIXEL_ID not configured' };
+
+  const {
+    email, phone, firstName, lastName,
+    fbp, fbc, ttp, ttclid, userId,
+    eventId, pageUrl,
+    value, currency,
+    contentIds, contentName, contentType,
+  } = payload;
+
+  const phoneNorm = normalizePhone(phone);
+
+  // user — hashear com SHA-256
+  const user = {
+    ...(email      && { email:       await sha256(email) }),
+    ...(phoneNorm  && { phone_number: await sha256(phoneNorm) }),
+    ...(userId     && { external_id: await sha256(String(userId)) }),
+    ...(ttp        && { ttp }),      // _ttp cookie — não hashear
+    ...(ttclid     && { ttclid }),   // click ID — não hashear
+  };
+
+  // properties — dados do produto
+  const properties = {
+    ...(value       !== undefined && { value: parseFloat(value) }),
+    ...(currency    && { currency: String(currency).toUpperCase() }),
+    ...(contentIds  && contentIds.length > 0 && {
+      contents: contentIds.map(id => ({
+        content_id:   String(id),
+        content_name: contentName || '',
+        content_type: contentType || 'product',
+        quantity:     1,
+        price:        value ? parseFloat(value) : 0,
+      })),
+    }),
+  };
+
+  const event = {
+    event:      eventName,
+    event_time: Math.floor(Date.now() / 1000),
+    event_id:   eventId || `cdp_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`,
+    user,
+    page: {
+      url:      pageUrl || 'https://server-edge-tracker.suporte-ed9.workers.dev',
+      referrer: request.headers.get('Referer') || '',
+    },
+    ...(Object.keys(properties).length > 0 && { properties }),
+    context: {
+      ip:         request.headers.get('CF-Connecting-IP') || '',
+      user_agent: request.headers.get('User-Agent') || '',
+    },
+  };
+
+  const body = {
+    event_source:    'web',
+    event_source_id: pixelId,
+    data:            [event],
+  };
+
+  // Endpoint obrigatório: sempre /v1.3/event/track/ (nunca /pixel/track/)
+  const endpoint = 'https://business-api.tiktok.com/open_api/v1.3/event/track/';
+
+  try {
+    const res = await fetch(endpoint, {
+      method:  'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Access-Token':  env.TIKTOK_ACCESS_TOKEN,
+      },
+      body: JSON.stringify(body),
+    });
+
+    const data = await res.json();
+    if (!res.ok || data.code !== 0) {
+      console.error('TikTok Events API error:', JSON.stringify(data));
+
+      // Log de falha para Feedback Loop
+      if (env.DB && ctx) {
+        ctx.waitUntil(logApiFailure(
+          env.DB,
+          'tiktok',
+          eventName,
+          String(data.code || res.status),
+          data.message || 'TikTok API error',
+          event.event_id,
+          JSON.stringify(body)
+        ));
+      }
+    }
+    return data;
+  } catch (err) {
+    console.error('TikTok Events API fetch failed:', err.message);
+
+    // Log de falha para Feedback Loop
+    if (env.DB && ctx) {
+      ctx.waitUntil(logApiFailure(
+        env.DB,
+        'tiktok',
+        eventName,
+        'FETCH_ERROR',
+        err.message,
+        null,
+        JSON.stringify(body)
+      ));
+    }
+
+    return { error: err.message };
+  }
+}
+
+
+// ── Pinterest — Conversions API v5 (server-side) — TEMPLATE (não ativo em prod)
+// Para ativar: configurar PINTEREST_ACCESS_TOKEN e PINTEREST_AD_ACCOUNT_ID
+// e descomentar a chamada no Promise.allSettled do /track
+//
+async function sendPinterestCapi(env, eventName, payload, request, ctx) {
+  if (!env.PINTEREST_ACCESS_TOKEN || !env.PINTEREST_AD_ACCOUNT_ID) {
+    return { skipped: 'Pinterest credentials not set' };
+  }
+
+  const {
+    email, phone, userId,
+    eventId, pageUrl,
+    value, currency,
+    contentIds, contentName,
+  } = payload;
+
+  const phoneNorm = normalizePhone(phone);
+
+  const pinterestEventMap = {
+    PageView:             'pagevisit',
+    ViewContent:          'pagevisit',
+    Lead:                 'lead',
+    Purchase:             'checkout',
+    AddToCart:            'addtocart',
+    InitiateCheckout:     'checkout',
+    CompleteRegistration: 'signup',
+    Search:               'search',
+    Contact:              'lead',
+  };
+  const pEvent = pinterestEventMap[eventName] || 'custom';
+
+  const userData = {
+    ...(email     && { em: [await sha256(email)] }),
+    ...(phoneNorm && { ph: [await sha256(phoneNorm)] }),
+    ...(userId    && { external_id: [await sha256(String(userId))] }),
+    client_ip_address: request.headers.get('CF-Connecting-IP') || '',
+    client_user_agent: request.headers.get('User-Agent') || '',
+  };
+
+  const body = {
+    data: [{
+      event_name:       pEvent,
+      action_source:    'web',
+      event_time:       Math.floor(Date.now() / 1000),
+      event_id:         eventId || `cdp_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`,
+      event_source_url: pageUrl || '',
+      user_data:        userData,
+      custom_data: {
+        currency:     (currency || 'BRL').toUpperCase(),
+        value:        value ? String(parseFloat(value)) : '0',
+        ...(contentIds?.length > 0 && { content_ids: contentIds.map(String) }),
+        ...(contentName            && { content_name: contentName }),
+        content_type: 'product',
+      },
+    }],
+  };
+
+  try {
+    const res = await fetch(
+      `https://api.pinterest.com/v5/ad_accounts/${env.PINTEREST_AD_ACCOUNT_ID}/events`,
+      {
+        method:  'POST',
+        headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${env.PINTEREST_ACCESS_TOKEN}` },
+        body:    JSON.stringify(body),
+      }
+    );
+    const data = await res.json();
+    if (!res.ok) {
+      console.error('Pinterest CAPI error:', JSON.stringify(data));
+      if (env.DB && ctx) ctx.waitUntil(logApiFailure(env.DB, 'pinterest', eventName, String(res.status), JSON.stringify(data), body.data[0].event_id, JSON.stringify(body)));
+    }
+    return data;
+  } catch (err) {
+    console.error('Pinterest CAPI fetch failed:', err.message);
+    if (env.DB && ctx) ctx.waitUntil(logApiFailure(env.DB, 'pinterest', eventName, 'FETCH_ERROR', err.message, null, JSON.stringify(body)));
+    return { error: err.message };
+  }
+}
+
+
+// ── Reddit — Conversions API v2.0 (server-side) ───────────────────────────────
+//
+//  Secrets necessários (wrangler secret put):
+//    REDDIT_ACCESS_TOKEN   → Bearer token da Reddit Conversions API
+//    REDDIT_AD_ACCOUNT_ID  → ID da conta de anúncios (ex: t2_XXXXXXX)
+//
+async function sendRedditCapi(env, eventName, payload, request, ctx) {
+  if (!env.REDDIT_ACCESS_TOKEN || !env.REDDIT_AD_ACCOUNT_ID) {
+    return { skipped: 'Reddit credentials not set' };
+  }
+
+  const {
+    email, phone, userId,
+    eventId, pageUrl,
+    value, currency,
+  } = payload;
+
+  const phoneNorm = normalizePhone(phone);
+
+  const redditEventMap = {
+    PageView:             'PageVisit',
+    ViewContent:          'ViewContent',
+    Lead:                 'Lead',
+    Purchase:             'Purchase',
+    AddToCart:            'AddToCart',
+    InitiateCheckout:     'Purchase',
+    CompleteRegistration: 'SignUp',
+    Search:               'Search',
+    Contact:              'Lead',
+  };
+  const rEvent = redditEventMap[eventName] || 'Custom';
+
+  const user = {
+    ...(email     && { email:       { value: await sha256(email) } }),
+    ...(phoneNorm && { phoneNumber: { value: await sha256(phoneNorm) } }),
+    ...(userId    && { externalId:  { value: await sha256(String(userId)) } }),
+    ipAddress: { value: request.headers.get('CF-Connecting-IP') || '' },
+    userAgent: { value: request.headers.get('User-Agent') || '' },
+  };
+
+  const event = {
+    event_at:   new Date().toISOString(),
+    event_type: { tracking_type: rEvent, ...(eventName === 'InitiateCheckout' && { conversion_type: 'BEGIN_CHECKOUT' }) },
+    click_id:   payload.rdtClid || '',
+    event_metadata: {
+      currency:       (currency || 'BRL').toUpperCase(),
+      value_decimal:  String(value || 0),
+      item_count:     '1',
+      conversion_id:  eventId || `cdp_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`,
+    },
+    user,
+  };
+
+  const body = { events: [event] };
+
+  try {
+    const res = await fetch(
+      `https://ads-api.reddit.com/api/v2.0/conversions/events/${env.REDDIT_AD_ACCOUNT_ID}`,
+      {
+        method:  'POST',
+        headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${env.REDDIT_ACCESS_TOKEN}` },
+        body:    JSON.stringify(body),
+      }
+    );
+    if (!res.ok) {
+      const txt = await res.text();
+      console.error('Reddit CAPI error:', txt);
+      if (env.DB && ctx) ctx.waitUntil(logApiFailure(env.DB, 'reddit', eventName, String(res.status), txt, event.event_metadata.conversion_id, JSON.stringify(body)));
+      return { error: `HTTP ${res.status}` };
+    }
+    const data = await res.json();
+    return data;
+  } catch (err) {
+    console.error('Reddit CAPI fetch failed:', err.message);
+    if (env.DB && ctx) ctx.waitUntil(logApiFailure(env.DB, 'reddit', eventName, 'FETCH_ERROR', err.message, null, JSON.stringify(body)));
+    return { error: err.message };
+  }
+}
+
+
+// ── LinkedIn — Conversions API v2 (server-side) ───────────────────────────────
+//
+//  Secrets necessários (wrangler secret put):
+//    LINKEDIN_ACCESS_TOKEN   → OAuth2 Bearer token da LinkedIn Marketing API
+//    LINKEDIN_CONVERSION_ID  → ID da conversão (URN: urn:li:conversion:XXXXXXXXX)
+//    LINKEDIN_AD_ACCOUNT_ID  → ID da conta de anúncios (ex: 123456789)
+//
+async function sendLinkedInCapi(env, eventName, payload, request, ctx) {
+  if (!env.LINKEDIN_ACCESS_TOKEN || !env.LINKEDIN_CONVERSION_ID) {
+    return { skipped: 'LinkedIn credentials not set' };
+  }
+
+  const {
+    email, phone, firstName, lastName, userId,
+    eventId, pageUrl,
+    value, currency,
+  } = payload;
+
+  const phoneNorm = normalizePhone(phone);
+
+  // LinkedIn só suporta conversões (Lead, Purchase, CompleteRegistration)
+  const linkedInEventMap = {
+    Lead:                 'LEAD',
+    Purchase:             'PURCHASE',
+    CompleteRegistration: 'REGISTRATION',
+    AddToCart:            'ADD_TO_CART',
+    InitiateCheckout:     'OTHER',
+    ViewContent:          'OTHER',
+    PageView:             'OTHER',
+    Contact:              'LEAD',
+  };
+  const liEvent = linkedInEventMap[eventName] || 'OTHER';
+
+  // user — SHA-256 em campos PII
+  const userInfo = {
+    ...(email     && { 'SHA256_EMAIL':      await sha256(email) }),
+    ...(phoneNorm && { 'SHA256_PHONE':      await sha256(phoneNorm) }),
+    ...(firstName && { 'SHA256_FIRST_NAME': await sha256(firstName.toLowerCase().trim()) }),
+    ...(lastName  && { 'SHA256_LAST_NAME':  await sha256(lastName.toLowerCase().trim()) }),
+  };
+
+  const body = {
+    conversion:    `urn:li:conversion:${env.LINKEDIN_CONVERSION_ID}`,
+    conversionHappenedAt: Date.now(),
+    conversionValue: value ? { currencyCode: (currency || 'BRL').toUpperCase(), amount: String(parseFloat(value)) } : undefined,
+    eventId:       eventId || `cdp_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`,
+    ...(Object.keys(userInfo).length > 0 && { user: { userIds: Object.entries(userInfo).map(([idType, idValue]) => ({ idType, idValue })) } }),
+  };
+
+  try {
+    const res = await fetch(
+      'https://api.linkedin.com/rest/conversionEvents',
+      {
+        method:  'POST',
+        headers: {
+          'Content-Type':           'application/json',
+          Authorization:            `Bearer ${env.LINKEDIN_ACCESS_TOKEN}`,
+          'LinkedIn-Version':       '202405',
+          'X-Restli-Protocol-Version': '2.0.0',
+        },
+        body: JSON.stringify(body),
+      }
+    );
+    if (!res.ok) {
+      const txt = await res.text();
+      console.error('LinkedIn CAPI error:', txt);
+      if (env.DB && ctx) ctx.waitUntil(logApiFailure(env.DB, 'linkedin', eventName, String(res.status), txt, body.eventId, JSON.stringify(body)));
+      return { error: `HTTP ${res.status}` };
+    }
+    return { ok: true };
+  } catch (err) {
+    console.error('LinkedIn CAPI fetch failed:', err.message);
+    if (env.DB && ctx) ctx.waitUntil(logApiFailure(env.DB, 'linkedin', eventName, 'FETCH_ERROR', err.message, null, JSON.stringify(body)));
+    return { error: err.message };
+  }
+}
+
+
+// ── Spotify — Conversions API v1 (server-side) ────────────────────────────────
+//
+//  Secrets necessários (wrangler secret put):
+//    SPOTIFY_ACCESS_TOKEN   → Bearer token da Spotify Advertising API
+//    SPOTIFY_AD_ACCOUNT_ID  → ID da conta de anúncios Spotify Ads
+//
+async function sendSpotifyCapi(env, eventName, payload, request, ctx) {
+  if (!env.SPOTIFY_ACCESS_TOKEN || !env.SPOTIFY_AD_ACCOUNT_ID) {
+    return { skipped: 'Spotify credentials not set' };
+  }
+
+  const {
+    email, phone, userId,
+    eventId, pageUrl,
+    value, currency,
+  } = payload;
+
+  const phoneNorm = normalizePhone(phone);
+
+  const spotifyEventMap = {
+    Purchase:             'PURCHASE',
+    Lead:                 'LEAD',
+    CompleteRegistration: 'SIGN_UP',
+    AddToCart:            'ADD_TO_CART',
+    InitiateCheckout:     'INITIATE_CHECKOUT',
+    ViewContent:          'VIEW_CONTENT',
+    PageView:             'PAGE_VIEW',
+    Contact:              'LEAD',
+  };
+  const spEvent = spotifyEventMap[eventName] || 'CUSTOM';
+
+  // user — SHA-256 em campos PII
+  const user = {
+    ...(email     && { hashed_email: await sha256(email) }),
+    ...(phoneNorm && { hashed_phone: await sha256(phoneNorm) }),
+    ...(userId    && { user_id:      userId }),
+    ip_address: request.headers.get('CF-Connecting-IP') || '',
+    user_agent: request.headers.get('User-Agent') || '',
+  };
+
+  const body = {
+    data: [{
+      event_id:    eventId || `cdp_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`,
+      event_type:  spEvent,
+      event_time:  Math.floor(Date.now() / 1000),
+      url:         pageUrl || '',
+      user,
+      ...(value !== undefined && {
+        value: {
+          currency: (currency || 'BRL').toUpperCase(),
+          amount:   parseFloat(value),
+        },
+      }),
+    }],
+  };
+
+  try {
+    const res = await fetch(
+      `https://advertising-api.spotify.com/conversion/v1/accounts/${env.SPOTIFY_AD_ACCOUNT_ID}/events`,
+      {
+        method:  'POST',
+        headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${env.SPOTIFY_ACCESS_TOKEN}` },
+        body:    JSON.stringify(body),
+      }
+    );
+    if (!res.ok) {
+      const txt = await res.text();
+      console.error('Spotify CAPI error:', txt);
+      if (env.DB && ctx) ctx.waitUntil(logApiFailure(env.DB, 'spotify', eventName, String(res.status), txt, body.data[0].event_id, JSON.stringify(body)));
+      return { error: `HTTP ${res.status}` };
+    }
+    const data = await res.json();
+    return data;
+  } catch (err) {
+    console.error('Spotify CAPI fetch failed:', err.message);
+    if (env.DB && ctx) ctx.waitUntil(logApiFailure(env.DB, 'spotify', eventName, 'FETCH_ERROR', err.message, null, JSON.stringify(body)));
+    return { error: err.message };
+  }
+}
+
+
+// ── WhatsApp — Meta Cloud API v22.0 (notificações ao dono) ───────────────────
+//
+//  Secrets necessários (wrangler secret put):
+//    WA_PHONE_ID          → ID do número no WhatsApp Business (ex: 123456789012345)
+//    WA_ACCESS_TOKEN      → Token permanente da Meta Cloud API
+//    WA_NOTIFY_NUMBER     → Número do dono para receber notificações (ex: 5511999998888)
+//
+//  Usado para: avisos de Nova Venda e Novo Lead em tempo real.
+//
+async function sendWhatsApp(env, tipo, payload) {
+  if (!env.WA_PHONE_ID || !env.WA_ACCESS_TOKEN || !env.WA_NOTIFY_NUMBER) {
+    return { skipped: 'WhatsApp não configurado' };
+  }
+
+  const nome    = [payload.firstName, payload.lastName].filter(Boolean).join(' ') || 'sem nome';
+  const valor   = payload.value ? `R$ ${parseFloat(payload.value).toFixed(2)}` : '—';
+  const utm     = payload.utmSource || 'direto';
+  const produto = payload.contentName || '';
+
+  let texto = '';
+  if (tipo === 'Purchase') {
+    texto =
+      `🛒 *Nova Venda!*\n\n` +
+      `👤 ${nome}\n` +
+      `📧 ${payload.email || '—'}\n` +
+      `📱 ${payload.phone || '—'}\n` +
+      `💰 ${valor}\n` +
+      (produto ? `📦 ${produto}\n` : '') +
+      `🔗 UTM: ${utm}\n` +
+      `🕐 ${new Date().toLocaleString('pt-BR', { timeZone: 'America/Sao_Paulo' })}`;
+  } else if (tipo === 'Lead') {
+    texto =
+      `📋 *Novo Lead!*\n\n` +
+      `📧 ${payload.email || '—'}\n` +
+      `🔗 UTM: ${utm}\n` +
+      `🌐 ${payload.pageUrl || '—'}\n` +
+      `🕐 ${new Date().toLocaleString('pt-BR', { timeZone: 'America/Sao_Paulo' })}`;
+  } else {
+    return { skipped: `tipo ${tipo} não notificado` };
+  }
+
+  try {
+    const res = await fetch(`https://graph.facebook.com/v22.0/${env.WA_PHONE_ID}/messages`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': `Bearer ${env.WA_ACCESS_TOKEN}`,
+      },
+      body: JSON.stringify({
+        messaging_product: 'whatsapp',
+        to: env.WA_NOTIFY_NUMBER,
+        type: 'text',
+        text: { body: texto },
+      }),
+    });
+    return { ok: res.ok, status: res.status };
+  } catch (err) {
+    console.error('WhatsApp Meta API failed:', err.message);
+    return { ok: false, error: err.message };
+  }
+}
+
+// ── CallMeBot — Alertas de sistema (falhas Cloudflare, API down, erros críticos)
+//
+//  Secrets necessários (wrangler secret put):
+//    CALLMEBOT_PHONE      → Número do admin no formato internacional (ex: +5511999998888)
+//    CALLMEBOT_APIKEY     → API Key gerada pelo CallMeBot (ativar via WhatsApp: wa.me/34638398527)
+//
+//  Usado para: alertas internos do sistema — Worker com erro, API falhando,
+//              token expirado, D1 com problema. NÃO para mensagens a clientes.
+//
+async function sendCallMeBot(env, mensagem) {
+  if (!env.CALLMEBOT_PHONE || !env.CALLMEBOT_APIKEY) {
+    return { skipped: 'CallMeBot não configurado' };
+  }
+  try {
+    const url = `https://api.callmebot.com/whatsapp.php?phone=${encodeURIComponent(env.CALLMEBOT_PHONE)}&text=${encodeURIComponent(mensagem)}&apikey=${env.CALLMEBOT_APIKEY}`;
+    const res = await fetch(url);
+    return { ok: res.ok, status: res.status };
+  } catch (err) {
+    console.error('CallMeBot failed:', err.message);
+    return { ok: false, error: err.message };
+  }
+}
+
+// ── WhatsApp CTWA — Processa webhook de mensagem recebida ─────────────────────
+// Acionado em POST /webhook/whatsapp quando um usuário envia mensagem após
+// clicar em um anúncio "Click to WhatsApp" (CTWA) no Facebook/Instagram.
+//
+// O payload da Meta Cloud API inclui:
+//   message.from          → número do usuário (sem "+", ex: "5511999998888")
+//   message.id (wamid)    → ID único da mensagem (usado para deduplicação)
+//   message.referral      → dados do anúncio que gerou o clique:
+//     .ctwa_clid           → identificador do clique (equivalente ao fbclid para CTWA)
+//     .source_id           → ID do anúncio
+//     .source_url          → URL do anúncio no Facebook/Instagram
+//     .headline            → título do anúncio
+//
+// O evento enviado à Meta CAPI usa action_source="chat" (obrigatório para CTWA)
+// e inclui ctwa_clid em user_data (sem hash) junto com ph (phone hasheado).
+// Isso permite à Meta fechar o loop: clique no anúncio → conversa no WhatsApp.
+async function processWhatsAppWebhook(env, body, request, ctx) {
+  const entry  = body?.entry?.[0];
+  const change = entry?.changes?.find(c => c.field === 'messages');
+  if (!change) return { skipped: 'no messages field' };
+
+  const messages = change.value?.messages;
+  if (!messages || messages.length === 0) return { skipped: 'no messages' };
+
+  const results = [];
+
+  for (const message of messages) {
+    const phone       = message.from;                  // ex: "5511999998888"
+    const wamid       = message.id;                    // ID único da mensagem
+    const referral    = message.referral || {};
+    const ctwaClid    = referral.ctwa_clid  || null;   // click ID do anúncio
+    const adId        = referral.source_id  || null;
+    const sourceUrl   = referral.source_url || null;
+    const headline    = referral.headline   || null;
+    const messageBody = message.text?.body  || message.type || '';
+
+    if (!phone) {
+      results.push({ skipped: 'no phone' });
+      continue;
+    }
+
+    const phoneNorm = normalizePhone(phone) || phone;
+    const phoneHash = await sha256(phoneNorm);
+
+    // Deduplicação — mesmo wamid não dispara duas vezes
+    if (env.DB && wamid) {
+      try {
+        const existing = await env.DB.prepare(
+          'SELECT id FROM whatsapp_contacts WHERE wamid = ?'
+        ).bind(wamid).first();
+        if (existing) {
+          results.push({ skipped: 'duplicate wamid', wamid });
+          continue;
+        }
+      } catch { /* não bloquear se D1 falhar */ }
+    }
+
+    const eventId = `ctwa_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
+
+    // Persistir contato no D1 (antes de enviar ao CAPI)
+    if (env.DB) {
+      ctx.waitUntil(
+        env.DB.prepare(
+          `INSERT OR IGNORE INTO whatsapp_contacts
+           (phone_hash, phone_raw, wamid, ctwa_clid, ad_id, source_url, headline, capi_sent, capi_event_id, message_body)
+           VALUES (?,?,?,?,?,?,?,0,?,?)`
+        ).bind(phoneHash, phoneNorm, wamid || null, ctwaClid, adId,
+               sourceUrl, headline, eventId, messageBody || null).run()
+      );
+    }
+
+    // Montar evento para Meta CAPI
+    // action_source: "chat" é obrigatório para eventos originados no WhatsApp
+    // ctwa_clid vai em user_data sem hash (a Meta exige assim)
+    const capiEvent = {
+      event_name:    'Contact',
+      event_time:    Math.floor(Date.now() / 1000),
+      event_id:      eventId,
+      action_source: 'chat',
+      user_data: {
+        ph: phoneHash,
+        ...(ctwaClid && { ctwa_clid: ctwaClid }),
+        client_ip_address: request.headers.get('CF-Connecting-IP') || '',
+        client_user_agent: request.headers.get('User-Agent') || '',
+      },
+      ...(sourceUrl && { event_source_url: sourceUrl }),
+    };
+
+    const pixelId = env.META_PIXEL_ID || META_PIXEL_ID;
+
+    // Enviar ao Meta CAPI de forma assíncrona (não bloqueia a resposta ao WhatsApp)
+    ctx.waitUntil(
+      (async () => {
+        try {
+          const requestBody = {
+            data:         [capiEvent],
+            access_token: env.META_ACCESS_TOKEN,
+          };
+          if (env.META_TEST_CODE) requestBody.test_event_code = env.META_TEST_CODE;
+
+          const res = await fetch(
+            `https://graph.facebook.com/v22.0/${pixelId}/events`,
+            {
+              method:  'POST',
+              headers: { 'Content-Type': 'application/json' },
+              body:    JSON.stringify(requestBody),
+            }
+          );
+          const data = await res.json();
+
+          if (res.ok && env.DB && wamid) {
+            await env.DB.prepare(
+              'UPDATE whatsapp_contacts SET capi_sent = 1 WHERE wamid = ?'
+            ).bind(wamid).run();
+          } else if (!res.ok) {
+            console.error('[CTWA] Meta CAPI error:', JSON.stringify(data));
+            if (env.DB) {
+              await logApiFailure(env.DB, 'meta', 'Contact', data.error?.code || res.status,
+                data.error?.message || 'CTWA CAPI error', eventId, JSON.stringify(requestBody));
+            }
+          }
+        } catch (err) {
+          console.error('[CTWA] Meta CAPI fetch failed:', err.message);
+        }
+      })()
+    );
+
+    // Registrar também na tabela leads para aparecer no CRM Dashboard
+    ctx.waitUntil(
+      saveLead(env, 'Contact', {
+        phone:       phoneNorm,
+        eventId:     eventId,
+        pageUrl:     sourceUrl,
+        utmSource:   'whatsapp_ctwa',
+        utmMedium:   'paid_social',
+      }, request, 'whatsapp')
+    );
+
+    results.push({
+      ok:        true,
+      phone:     phoneNorm.slice(0, 4) + '****',
+      ctwa_clid: ctwaClid ? 'present' : 'absent',
+      event_id:  eventId,
+    });
+  }
+
+  return { processed: results.length, results };
+}
+
+// ── Verificação de assinatura HMAC-SHA256 (webhooks) ─────────────────────────
+async function verifyHmac(secret, rawBody, receivedSignature) {
+  if (!secret || !receivedSignature) return false;
+  try {
+    const key = await crypto.subtle.importKey(
+      'raw',
+      new TextEncoder().encode(secret),
+      { name: 'HMAC', hash: 'SHA-256' },
+      false,
+      ['sign']
+    );
+    const sig = await crypto.subtle.sign(
+      'HMAC', key, new TextEncoder().encode(rawBody)
+    );
+    const computed = Array.from(new Uint8Array(sig))
+      .map(b => b.toString(16).padStart(2, '0')).join('');
+    // Comparação constant-time (evita timing attack)
+    if (computed.length !== receivedSignature.length) return false;
+    let diff = 0;
+    for (let i = 0; i < computed.length; i++) {
+      diff |= computed.charCodeAt(i) ^ receivedSignature.charCodeAt(i);
+    }
+    return diff === 0;
+  } catch {
+    return false;
+  }
+}
+
+// ── Mapa Meta → GA4 event names ───────────────────────────────────────────────
+const META_TO_GA4 = {
+  PageView:             'page_view',
+  ViewContent:          'view_item',
+  Lead:                 'generate_lead',
+  Contact:              'generate_lead',
+  Schedule:             'generate_lead',
+  InitiateCheckout:     'begin_checkout',
+  AddToCart:            'add_to_cart',
+  AddPaymentInfo:       'add_payment_info',
+  Purchase:             'purchase',
+  CompleteRegistration: 'sign_up',
+  Subscribe:            'subscribe',
+  StartTrial:           'start_trial',
+  Search:               'search',
+  AddToWishlist:        'add_to_wishlist',
+};
+
+// ── Persistir LTV no perfil D1 ───────────────────────────────────────────────
+async function upsertLtvProfile(env, userId, ltv) {
+  if (!env.DB || !userId) return;
+  try {
+    await env.DB.prepare(`
+      UPDATE user_profiles
+      SET predicted_ltv_class = ?,
+          predicted_ltv_value = ?,
+          updated_at          = datetime('now')
+      WHERE user_id = ?
+    `).bind(ltv.class, ltv.value, userId).run();
+  } catch (err) {
+    console.error('upsertLtvProfile error:', err.message);
+  }
+}
+
+// ─────────────────────────────────────────────────────────────────────────────
+// LTV PREDICTION — Valor Preditivo de Lifetime Value
+// ─────────────────────────────────────────────────────────────────────────────
+
+/**
+ * Prediz o LTV (Lifetime Value) de um lead no momento do primeiro contato.
+ *
+ * Modelo heurístico em 5 dimensões (0–100 pontos):
+ *   1. Engajamento browser   (0–30 pts) — engagement_score + user_score
+ *   2. Origem de tráfego     (0–25 pts) — UTM source (paid > organic > direct)
+ *   3. Contexto de rede      (0–15 pts) — ASN corporativo, país, hora do dia
+ *   4. Contexto do evento    (0–20 pts) — InitiateCheckout visto antes = +20
+ *   5. Dados PII disponíveis (0–10 pts) — email + phone + nome = melhor match
+ *
+ * Retorna: { score, class, value }
+ *   score: 0–100
+ *   class: 'High' | 'Medium' | 'Low'
+ *   value: valor em BRL (base × multiplicador da classe)
+ */
+async function predictLtv(env, payload, request) {
+  let score = 0;
+
+  // 1. Engajamento browser (0–30)
+  const engScore  = parseFloat(payload.engagementScore || 0);
+  const userScore = parseFloat(payload.userScore || 0);
+  // engagement_score é 0-5 → normaliza para 0-15
+  score += Math.min(15, Math.round((engScore / 5) * 15));
+  // user_score é 0-100 → normaliza para 0-15
+  score += Math.min(15, Math.round((userScore / 100) * 15));
+
+  // 2. Origem de tráfego (0–25)
+  const src = (payload.utmSource || '').toLowerCase();
+  const utm_score_map = {
+    facebook: 25, instagram: 25, meta: 25,
+    google: 22, youtube: 22, tiktok: 20,   // youtube = mesmo nível do google search (alta intenção)
+    email: 18, sms: 18,
+    organic: 10, direct: 5,
+  };
+  const utmScore = utm_score_map[src] ?? (src ? 8 : 3);
+  score += utmScore;
+
+  // 3. Contexto de rede (0–15)
+  const hour   = new Date().getUTCHours();
+  const country = (payload.country || request.cf?.country || '').toUpperCase();
+  const org    = String(request.cf?.asOrganization || '').toLowerCase();
+
+  // Horário de alta conversão: 18h-23h BRT (21h-02h UTC) = +8
+  const isHighConvTime = hour >= 21 || hour <= 2;
+  score += isHighConvTime ? 8 : (hour >= 12 && hour <= 20 ? 4 : 1);
+
+  // País Brasil = público-alvo primário = +5; outros LATAM = +3
+  const latam = ['AR', 'CL', 'CO', 'MX', 'PE', 'UY', 'PY', 'BO'];
+  score += country === 'BR' ? 5 : (latam.includes(country) ? 3 : 1);
+
+  // ASN corporativo (empresa/datacenter = B2B = alto LTV) = +2
+  const isCorp = /ltda|s\.a\.|corp|telecom|fibra|claro|vivo|tim|oi/.test(org);
+  score += isCorp ? 2 : 0;
+
+  // 4. Contexto do evento (0–20)
+  // InitiateCheckout visto antes deste Lead = usuário já na jornada de compra
+  const intentionLevel = (payload.intentionLevel || '').toLowerCase();
+  if (intentionLevel === 'comprador' || intentionLevel === 'high_intent') score += 20;
+  else if (intentionLevel === 'interessado') score += 12;
+  else if (intentionLevel === 'nurture') score += 6;
+
+  // 5. Dados PII disponíveis (0–10)
+  if (payload.email) score += 4;
+  if (payload.phone) score += 4;
+  if (payload.firstName) score += 2;
+
+  score = Math.min(100, score);
+
+  // Classificação
+  let ltvClass, ltvMultiplier;
+  if (score >= 70) {
+    ltvClass = 'High';   ltvMultiplier = 3.5;
+  } else if (score >= 40) {
+    ltvClass = 'Medium'; ltvMultiplier = 1.8;
+  } else {
+    ltvClass = 'Low';    ltvMultiplier = 0.8;
+  }
+
+  // Valor base do produto (do payload) ou estimativa por classe
+  const productValue = payload.value ? parseFloat(payload.value) : 0;
+  const baseValue = productValue > 0 ? productValue : 197; // ticket médio padrão BR
+  const predictedValue = Math.round(baseValue * ltvMultiplier * 100) / 100;
+
+  // Enriquecimento opcional via Workers AI (se binding disponível)
+  // Usado apenas para ajuste fino do score — não bloqueia o fluxo principal
+  let aiAdjustment = 0;
+  if (env.AI && score >= 40) {
+    try {
+      const prompt = [
+        { role: 'system', content: 'You are a conversion rate expert. Reply ONLY with a JSON object {"adjustment": <number between -10 and 10>} based on the lead data provided. No explanation.' },
+        { role: 'user', content: JSON.stringify({
+          utm_source: payload.utmSource,
+          intention: intentionLevel,
+          engagement: engScore,
+          hour_utc: hour,
+          country,
+          has_email: !!payload.email,
+          has_phone: !!payload.phone,
+        })},
+      ];
+      const aiRes = await env.AI.run('@cf/meta/llama-3.1-8b-instruct', { messages: prompt, max_tokens: 32 });
+      const parsed = JSON.parse(aiRes.response.trim());
+      if (typeof parsed.adjustment === 'number') {
+        aiAdjustment = Math.max(-10, Math.min(10, parsed.adjustment));
+      }
+    } catch { /* graceful fallback — AI opcional */ }
+  }
+
+  const finalScore = Math.min(100, Math.max(0, score + aiAdjustment));
+
+  return {
+    score:  finalScore,
+    class:  ltvClass,
+    value:  predictedValue,
+  };
+}
+
+// ─────────────────────────────────────────────────────────────────────────────
+// FEEDBACK LOOP — Monitoramento de Falhas e Saúde
+// ─────────────────────────────────────────────────────────────────────────────
+
+// ── Log de Falha de API ─────────────────────────────────────────────────────
+async function logApiFailure(DB, platform, eventName, errorCode, errorMessage, eventId, rawPayload) {
+  try {
+    await DB.prepare(`
+      INSERT INTO api_failures (platform, event_name, error_code, error_message, event_id, raw_payload, retry_count, final_status)
+      VALUES (?, ?, ?, ?, ?, ?, 0, 'failed')
+    `).bind(platform, eventName, String(errorCode), errorMessage, eventId, rawPayload).run();
+  } catch (err) {
+    console.error('Failed to log API failure:', err.message);
+  }
+}
+
+// ── Métricas de Saúde (últimas 24h) ─────────────────────────────────────────
+async function getHealthMetrics(DB, platform, hours = 24) {
+  try {
+    // Total de eventos com falha
+    const failures = await DB.prepare(`
+      SELECT COUNT(*) as count, error_code
+      FROM api_failures
+      WHERE platform = ? AND created_at > datetime('now', '-${hours} hours')
+      GROUP BY error_code
+    `).bind(platform).all();
+
+    // Total de eventos enviados (leads table)
+    const totalSent = await DB.prepare(`
+      SELECT COUNT(*) as count
+      FROM leads
+      WHERE platform = ? AND created_at > datetime('now', '-${hours} hours')
+    `).bind(platform).first();
+
+    const totalFailed = failures.reduce((sum, f) => sum + f.count, 0);
+    const successRate = totalSent?.count > 0
+      ? ((totalSent.count - totalFailed) / totalSent.count) * 100
+      : 100;
+
+    return {
+      platform,
+      hours,
+      events_sent: totalSent?.count || 0,
+      events_failed: totalFailed,
+      success_rate: successRate,
+      errors_detected: failures.map(f => ({ code: f.error_code, count: f.count })),
+      issues: totalFailed > (totalSent?.count || 0) * 0.1 ? ['high_error_rate'] : [],
+    };
+  } catch (err) {
+    console.error('Failed to get health metrics:', err.message);
+    return {
+      platform,
+      hours,
+      events_sent: 0,
+      events_failed: 0,
+      success_rate: 0,
+      errors_detected: [],
+      issues: ['metrics_unavailable'],
+    };
+  }
+}
+
+// ── Gerar Relatório Diário ────────────────────────────────────────────────────
+async function generateDailyReport(DB) {
+  const platforms = ['meta', 'ga4', 'tiktok', 'pinterest', 'reddit'];
+  const today = new Date().toISOString().split('T')[0];
+
+  const reports = [];
+
+  for (const platform of platforms) {
+    const metrics = await getHealthMetrics(DB, platform, 24);
+
+    try {
+      await DB.prepare(`
+        INSERT INTO health_reports (report_date, platform, events_sent, events_failed, success_rate, errors_detected, issues_detected)
+        VALUES (?, ?, ?, ?, ?, ?, ?)
+      `).bind(
+        today,
+        platform,
+        metrics.events_sent,
+        metrics.events_failed,
+        metrics.success_rate,
+        JSON.stringify(metrics.errors_detected),
+        JSON.stringify(metrics.issues)
+      ).run();
+      reports.push({ platform, status: 'ok' });
+    } catch (err) {
+      console.error(`Failed to generate report for ${platform}:`, err.message);
+      reports.push({ platform, status: 'failed' });
+    }
+  }
+
+  return reports;
+}
+
+// ── Verificar Versões de API (scheduled task) ────────────────────────────────
+async function checkApiVersions() {
+  // Consulta api-versions.json para verificar versões atuais
+  // Em produção, isso poderia fazer fetch para documentação oficial
+  const currentVersions = {
+    meta: 'v22.0',
+    ga4: 'latest',
+    tiktok: 'v1.3',
+    pinterest: 'v5',
+    reddit: 'v2.0',
+  };
+
+  const today = new Date().toISOString().split('T')[0];
+  const nextReview = '2026-04-27'; // Data do próximo review
+
+  return {
+    check_date: today,
+    next_review: nextReview,
+    versions: currentVersions,
+    status: 'ok',
+  };
+}
+
+// ─────────────────────────────────────────────────────────────────────────────
+// INTELLIGENCE AGENT — Monitoramento Autônomo
+// ─────────────────────────────────────────────────────────────────────────────
+
+// Versões esperadas das APIs (fonte da verdade: contracts/api-versions.json)
+const EXPECTED_API_VERSIONS = {
+  meta:      'v22.0',
+  ga4:       'latest',
+  tiktok:    'v1.3',
+  pinterest: 'v5',
+  reddit:    'v2.0',
+};
+
+// Thresholds de alerta
+const ALERT_THRESHOLDS = {
+  errorRateCritical: 0.20, // > 20% de falha = crítico
+  errorRateWarning:  0.10, // > 10% de falha = aviso
+};
+
+// ── Log de execução do Intelligence Agent no D1 ──────────────────────────────
+async function logIntelligence(DB, runType, platform, checkType, status, currentValue, expectedValue, message, alertSent = false) {
+  if (!DB) return;
+  try {
+    await DB.prepare(`
+      INSERT INTO intelligence_logs (run_type, platform, check_type, status, current_value, expected_value, message, alert_sent)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+    `).bind(runType, platform, checkType, status, String(currentValue ?? ''), String(expectedValue ?? ''), message, alertSent ? 1 : 0).run();
+  } catch (err) {
+    console.error('logIntelligence error:', err.message);
+  }
+}
+
+// ── Alerta CallMeBot para o admin (falhas de sistema, API down, erros críticos)
+async function sendIntelligenceAlert(env, severity, title, details) {
+  const icon = severity === 'critical' ? '🚨' : '⚠️';
+  const texto =
+    `${icon} CDP Edge — ${title}\n\n` +
+    details + '\n\n' +
+    new Date().toLocaleString('pt-BR', { timeZone: 'America/Sao_Paulo' });
+
+  return sendCallMeBot(env, texto);
+}
+
+// ── Check de versões de API ───────────────────────────────────────────────────
+async function checkApiVersionsIntelligence(env, runType) {
+  const results = [];
+
+  for (const [platform, expected] of Object.entries(EXPECTED_API_VERSIONS)) {
+    // Versão atual baseada no código deployado
+    const currentMap = { meta: 'v22.0', tiktok: 'v1.3', ga4: 'latest', pinterest: 'v5', reddit: 'v2.0' };
+    const current = currentMap[platform] || 'unknown';
+    const isOk = current === expected || expected === 'latest';
+    const status = isOk ? 'ok' : 'warning';
+
+    await logIntelligence(env.DB, runType, platform, 'api_version', status, current, expected,
+      isOk ? `${platform} ${current} — versão correta` : `${platform} ${current} desatualizado, esperado ${expected}`
+    );
+
+    results.push({ platform, current, expected, status });
+  }
+
+  return results;
+}
+
+// ── Auditoria de taxa de erro por plataforma (últimas 24h) ───────────────────
+async function auditErrorRates(env, runType) {
+  if (!env.DB) return [];
+  const alerts = [];
+
+  for (const platform of ['meta', 'ga4', 'tiktok']) {
+    const metrics = await getHealthMetrics(env.DB, platform, 24);
+    const errorRate = metrics.events_sent > 0
+      ? metrics.events_failed / metrics.events_sent
+      : 0;
+
+    let status = 'ok';
+    if (errorRate >= ALERT_THRESHOLDS.errorRateCritical) status = 'critical';
+    else if (errorRate >= ALERT_THRESHOLDS.errorRateWarning)  status = 'warning';
+
+    const message = `${platform}: ${metrics.events_sent} eventos, ${metrics.events_failed} falhas (${(errorRate * 100).toFixed(1)}%)`;
+    const alertSent = status !== 'ok'
+      ? await sendIntelligenceAlert(env, status, `Taxa de Erro Alta — ${platform.toUpperCase()}`,
+          `📊 ${message}\n🎯 Taxa: ${(errorRate * 100).toFixed(1)}% (limite: ${ALERT_THRESHOLDS.errorRateWarning * 100}%)`)
+      : false;
+
+    await logIntelligence(env.DB, runType, platform, 'error_rate', status,
+      `${(errorRate * 100).toFixed(1)}%`,
+      `${ALERT_THRESHOLDS.errorRateWarning * 100}%`,
+      message, alertSent
+    );
+
+    if (status !== 'ok') alerts.push({ platform, errorRate, status });
+  }
+
+  return alerts;
+}
+
+// ── Runner principal do Intelligence Agent ────────────────────────────────────
+async function runIntelligenceAgent(env, runType) {
+  console.log(`[Intelligence Agent] Iniciando ${runType}`);
+
+  // 1. Check de versões (sempre)
+  const versionResults = await checkApiVersionsIntelligence(env, runType);
+  console.log(`[Intelligence Agent] Versões verificadas: ${versionResults.length} plataformas`);
+
+  // 2. Relatório diário de saúde (sempre)
+  if (env.DB) {
+    const reports = await generateDailyReport(env.DB);
+    console.log(`[Intelligence Agent] Relatórios gerados: ${reports.length}`);
+  }
+
+  // 3. Auditoria de taxas de erro (sempre)
+  const errorAlerts = await auditErrorRates(env, runType);
+  if (errorAlerts.length > 0) {
+    console.warn(`[Intelligence Agent] ${errorAlerts.length} alertas de taxa de erro enviados`);
+  }
+
+  // 4. Auditoria mensal adicional
+  if (runType === 'monthly_audit') {
+    // Verificar LTV: quantos perfis High vs Low no último mês
+    if (env.DB) {
+      try {
+        const ltvStats = await env.DB.prepare(`
+          SELECT predicted_ltv_class, COUNT(*) as count
+          FROM user_profiles
+          WHERE predicted_ltv_class IS NOT NULL
+            AND updated_at > datetime('now', '-30 days')
+          GROUP BY predicted_ltv_class
+        `).all();
+
+        const summary = ltvStats.results?.map(r => `${r.predicted_ltv_class}: ${r.count}`).join(', ') || 'sem dados';
+        await logIntelligence(env.DB, runType, 'all', 'ltv_distribution', 'ok', summary, null,
+          `Distribuição LTV últimos 30 dias: ${summary}`);
+        console.log(`[Intelligence Agent] LTV distribution: ${summary}`);
+      } catch (err) {
+        console.error('LTV audit error:', err.message);
+      }
+    }
+  }
+
+  // 5. Customer Match — sync semanal D1 → Meta Custom Audience
+  const cmResult = await syncMetaCustomAudience(env);
+  console.log(`[Intelligence Agent] Customer Match Meta: ${JSON.stringify(cmResult)}`);
+
+  console.log(`[Intelligence Agent] ${runType} concluído`);
+}
+
+// ─────────────────────────────────────────────────────────────────────────────
+// CUSTOMER MATCH — Sync automático D1 → Meta Custom Audiences
+// ─────────────────────────────────────────────────────────────────────────────
+
+/**
+ * Busca leads high_intent + buyer_lookalike do D1 e envia para Meta Custom Audience.
+ *
+ * Secrets necessários (wrangler secret put):
+ *   META_AD_ACCOUNT_ID  → ID da conta de anúncios (act_XXXXXXXXX)
+ *   META_AUDIENCE_ID    → ID da Custom Audience já criada no Meta Ads
+ *
+ * Meta aceita até 10.000 usuários por chamada.
+ * Formato: schema EMAIL_SHA256 + PHONE_SHA256, dados já hasheados.
+ */
+async function syncMetaCustomAudience(env) {
+  if (!env.META_ACCESS_TOKEN || !env.META_AD_ACCOUNT_ID || !env.META_AUDIENCE_ID) {
+    console.log('[CustomerMatch] Meta: secrets não configurados — pulando sync');
+    return { skipped: 'META_AD_ACCOUNT_ID ou META_AUDIENCE_ID não configurados' };
+  }
+  if (!env.DB) return { skipped: 'DB não disponível' };
+
+  try {
+    // Busca perfis high_intent e buyer_lookalike atualizados nos últimos 30 dias
+    const profiles = await env.DB.prepare(`
+      SELECT email, phone
+      FROM user_profiles
+      WHERE cohort_label IN ('high_intent', 'buyer_lookalike')
+        AND updated_at > datetime('now', '-30 days')
+        AND email IS NOT NULL
+      LIMIT 10000
+    `).all();
+
+    if (!profiles.results || profiles.results.length === 0) {
+      console.log('[CustomerMatch] Meta: nenhum perfil elegível');
+      return { sent: 0 };
+    }
+
+    // Hash de cada linha — Meta exige SHA-256 lowercase sem espaços
+    const data = await Promise.all(
+      profiles.results.map(async (p) => {
+        const row = [];
+        row.push(p.email ? await sha256(p.email) : '');
+        row.push(p.phone ? await sha256(p.phone) : '');
+        return row;
+      })
+    );
+
+    const body = {
+      payload: {
+        schema: ['EMAIL_SHA256', 'PHONE_SHA256'],
+        data,
+      },
+    };
+
+    const endpoint = `https://graph.facebook.com/v22.0/${env.META_AUDIENCE_ID}/users`;
+    const res = await fetch(endpoint, {
+      method:  'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body:    JSON.stringify({ ...body, access_token: env.META_ACCESS_TOKEN }),
+    });
+
+    const result = await res.json();
+
+    if (!res.ok) {
+      console.error('[CustomerMatch] Meta erro:', JSON.stringify(result));
+      return { error: result.error?.message, sent: 0 };
+    }
+
+    console.log(`[CustomerMatch] Meta: ${profiles.results.length} perfis sincronizados`);
+    return { sent: profiles.results.length, num_received: result.num_received };
+
+  } catch (err) {
+    console.error('[CustomerMatch] Meta fetch error:', err.message);
+    return { error: err.message, sent: 0 };
+  }
+}
+
+/**
+ * Gera payload formatado para Google Ads Customer Match (upload manual ou via API).
+ * Retorna JSON com emails e phones hasheados prontos para upload.
+ *
+ * Google Ads Customer Match não tem API simples disponível via Workers sem OAuth2.
+ * Esta função gera o arquivo — o upload é feito via endpoint GET /export/customer-match.
+ */
+async function buildGoogleCustomerMatchExport(env) {
+  if (!env.DB) return [];
+
+  const profiles = await env.DB.prepare(`
+    SELECT email, phone, first_name, last_name
+    FROM user_profiles
+    WHERE cohort_label IN ('high_intent', 'buyer_lookalike')
+      AND updated_at > datetime('now', '-30 days')
+      AND email IS NOT NULL
+    LIMIT 10000
+  `).all();
+
+  if (!profiles.results?.length) return [];
+
+  return Promise.all(
+    profiles.results.map(async (p) => ({
+      hashed_email:      p.email      ? await sha256(p.email)      : '',
+      hashed_phone:      p.phone      ? await sha256(p.phone)      : '',
+      first_name:        p.first_name || '',
+      last_name:         p.last_name  || '',
+    }))
+  );
+}
+
+// ─────────────────────────────────────────────────────────────────────────────
+// HANDLER PRINCIPAL
+// ─────────────────────────────────────────────────────────────────────────────
+export default {
+  async fetch(request, env, ctx) {
+    const origin  = request.headers.get('Origin') || '';
+    const headers = {
+      'Content-Type': 'application/json',
+      ...corsHeaders(origin),
+    };
+
+    // Preflight CORS
+    if (request.method === 'OPTIONS') {
+      return new Response(null, { status: 204, headers });
+    }
+
+    const url = new URL(request.url);
+
+    // ── GET /export/customer-match — exporta leads para Google Ads (download) ──
+    if (request.method === 'GET' && url.pathname === '/export/customer-match') {
+      // Proteção simples por token (mesmo META_ACCESS_TOKEN ou secret dedicado)
+      const authHeader = request.headers.get('Authorization') || '';
+      const token = authHeader.replace('Bearer ', '');
+      if (!env.META_ACCESS_TOKEN || token !== env.META_ACCESS_TOKEN) {
+        return new Response('Unauthorized', { status: 401 });
+      }
+
+      const rows = await buildGoogleCustomerMatchExport(env);
+      return new Response(JSON.stringify({ total: rows.length, data: rows }, null, 2), {
+        headers: { ...headers, 'Content-Disposition': 'attachment; filename="customer-match.json"' },
+      });
+    }
+
+    // ── GET /health ───────────────────────────────────────────────────────────
+    if (request.method === 'GET' && url.pathname === '/health') {
+      return new Response(JSON.stringify({
+        status:          'ok',
+        meta_pixel:      META_PIXEL_ID,
+        ga4:             GA4_MEASUREMENT_ID,
+        tiktok_pixel:    env.TIKTOK_PIXEL_ID || TIKTOK_PIXEL_ID,
+        db:              env.DB ? 'connected' : 'not bound',
+        meta_token:      env.META_ACCESS_TOKEN    ? 'set' : 'MISSING',
+        ga4_secret:      env.GA4_API_SECRET       ? 'set' : 'MISSING',
+        tiktok_token:    env.TIKTOK_ACCESS_TOKEN  ? 'set' : 'not set (optional)',
+      }), { headers });
+    }
+
+    // ── POST /track — evento do browser ───────────────────────────────────────
+    if (request.method === 'POST' && url.pathname === '/track') {
+      let body;
+      try {
+        body = await request.json();
+      } catch {
+        return new Response(
+          JSON.stringify({ error: 'JSON inválido' }),
+          { status: 400, headers }
+        );
+      }
+
+      const { eventName, behavioral_data, ...payload } = body;
+
+      if (!eventName) {
+        return new Response(
+          JSON.stringify({ error: 'eventName é obrigatório' }),
+          { status: 400, headers }
+        );
+      }
+
+      // ── Extrair dados comportamentais do browser ──────────────────────────────
+      // behavioral_data vem do engagement-scoring.js (engagement_score 0-5, intention_level)
+      // e do BehaviorEngine (user_score 0-100)
+      if (behavioral_data) {
+        payload.engagementScore = behavioral_data.engagement_score ?? behavioral_data.totalScore ?? null;
+        payload.intentionLevel  = behavioral_data.intention_level  ?? null;
+        payload.userScore       = behavioral_data.user_score       ?? null;
+        // PII extraído pelo advanced-matching.js chega aninhado em behavioral_data
+        // (trackLead passa piiData como `data`, que é spread em behavioral_data)
+        payload.email     = payload.email     || behavioral_data.email      || null;
+        payload.phone     = payload.phone     || behavioral_data.phone      || null;
+        payload.firstName = payload.firstName || behavioral_data.first_name  || behavioral_data.firstName || null;
+        payload.lastName  = payload.lastName  || behavioral_data.last_name   || behavioral_data.lastName  || null;
+        payload.city      = payload.city      || behavioral_data.city        || null;
+        payload.state     = payload.state     || behavioral_data.state       || null;
+        payload.zip       = payload.zip       || behavioral_data.zip         || null;
+        payload.dob       = payload.dob       || behavioral_data.dob         || null;
+      }
+
+      // ── Edge Fingerprint + UTM Resurrection ───────────────────────────────────
+      const fingerprint = await generateEdgeFingerprint(request);
+      payload.utmRestored = false;
+
+      if (fingerprint) {
+        if (payload.utmSource) {
+          // Tem UTM → salvar fingerprint para uso futuro
+          ctx.waitUntil(saveEdgeFingerprint(env.DB, fingerprint, payload.userId, payload));
+        } else {
+          // Sem UTM → tentar recuperar das últimas 48h
+          const recovered = await resurrectUTM(env.DB, fingerprint);
+          if (recovered) {
+            payload.utmSource   = payload.utmSource   || recovered.utm_source;
+            payload.utmMedium   = payload.utmMedium   || recovered.utm_medium;
+            payload.utmCampaign = payload.utmCampaign || recovered.utm_campaign;
+            payload.utmContent  = payload.utmContent  || recovered.utm_content;
+            payload.utmTerm     = payload.utmTerm     || recovered.utm_term;
+            payload.utmRestored = true;
+            console.log(`[UTM Resurrection] Recovered: ${recovered.utm_source}/${recovered.utm_medium}/${recovered.utm_campaign}`);
+          }
+        }
+      }
+
+      // ── Bot Mitigation ────────────────────────────────────────────────────────
+      const botScoreStr = request.cf?.botManagement?.score;
+      const cfBotScore = botScoreStr !== undefined ? parseInt(botScoreStr) : 100;
+      const ua = (request.headers.get('User-Agent') || '').toLowerCase();
+      const isBotPattern = /bot|crawler|spider|lighthouse|postman|curl|inspect|headless/i.test(ua);
+      
+      const isBot = cfBotScore < 30 || isBotPattern;
+      payload.botScore = isBot ? 2 : (cfBotScore < 60 ? 1 : 0);
+
+      // Dropar silenciosamente eventos de lixo (exceto conversões core para evitar falso positivo)
+      if (isBot && !['Contact', 'Lead', 'Purchase'].includes(eventName)) {
+        return new Response(JSON.stringify({ ok: true, skipped_due_to_bot: true }), { status: 200, headers });
+      }
+
+      // ── Edge Geo Enrichment ───────────────────────────────────────────────────
+      // Free: country, continent, asn | Paid: city, state, zip, lat/lon, timezone
+      const geoData = await enrichGeoFromEdge(request, env, payload);
+
+      // ── First-Party Cookie (Identity Resolution) ──────────────────────────────
+      const cookieHeader = request.headers.get('Cookie') || '';
+      const cdpUidMatch = cookieHeader.match(/_cdp_uid=([^;]+)/);
+      const finalUserId = payload.userId || (cdpUidMatch ? cdpUidMatch[1] : crypto.randomUUID());
+      payload.userId = finalUserId;
+
+      const ga4Name = META_TO_GA4[eventName] || eventName.toLowerCase();
+
+      // ── LTV Prediction — eventos de topo de funil ─────────────────────────────
+      // Lead, Contact, Schedule: sem valor monetário real → injetar LTV preditivo
+      // Isso treina os algoritmos de Meta/TikTok a priorizar leads de alto valor
+      const LTV_EVENTS = ['Lead', 'Contact', 'Schedule', 'CompleteRegistration'];
+      if (LTV_EVENTS.includes(eventName) && !payload.value) {
+        const ltv = await predictLtv(env, payload, request);
+        payload.value           = ltv.value;
+        payload.currency        = payload.currency || 'BRL';
+        payload.ltvClass        = ltv.class;
+        payload.ltvScore        = ltv.score;
+        // Persiste no perfil em background
+        ctx.waitUntil(
+          upsertLtvProfile(env, payload.userId, ltv)
+        );
+      }
+
+      // Cross-Device Graph — background (não bloqueia resposta)
+      // Só dispara quando tem PII e um userId confirmado
+      if (env.DB && payload.userId && (payload.email || payload.phone)) {
+        ctx.waitUntil(
+          resolveDeviceGraph(env.DB, payload.userId, payload.email, payload.phone)
+        );
+      }
+
+      // ── R2 Audit Log — background, não bloqueia ──────────────────────────────
+      ctx.waitUntil(writeAuditLog(env, eventName, payload, geoData));
+
+      // Disparar tudo em paralelo — não bloquear o browser
+      // WhatsApp: só notifica Lead e Purchase para não lotar o celular
+      const WHATSAPP_NOTIFY_EVENTS = ['Lead', 'Purchase', 'CompleteRegistration'];
+      const [metaRes, ga4Res, ttRes] = await Promise.allSettled([
+        sendMetaCapi(env, eventName, payload, request, ctx),
+        sendGA4Mp(env, ga4Name, payload, ctx),
+        sendTikTokApi(env, eventName, payload, request, ctx),
+        saveLead(env, eventName, payload, request, 'website'),
+        upsertProfile(env, eventName, payload, request),
+        ...(WHATSAPP_NOTIFY_EVENTS.includes(eventName)
+          ? [sendWhatsApp(env, eventName, payload)]
+          : []),
+      ]);
+
+      // Automação de mensagens — dispara regras ativas para este evento em background
+      // saveLead() já foi chamado acima; usamos o leadId gerado pelo D1 (last_row_id)
+      const AUTOMATION_EVENTS = ['Lead', 'Purchase', 'InitiateCheckout'];
+      if (AUTOMATION_EVENTS.includes(eventName) && env.DB) {
+        ctx.waitUntil(
+          (async () => {
+            try {
+              const lastLead = await env.DB
+                .prepare(`SELECT id FROM leads WHERE event_id = ?1 LIMIT 1`)
+                .bind(payload.eventId || payload.event_id || '')
+                .first();
+              const leadId = lastLead?.id ?? null;
+              if (leadId) await fireAutomation(env, eventName, leadId, payload);
+            } catch (e) { console.error('[Automation] lead lookup error:', e.message); }
+          })()
+        );
+      }
+
+      // ── Edge Personalization (Retornar Score) ───────────────────────────────
+      let currentScore = 0;
+      if (env.DB && payload.userId) {
+         try {
+           const profileRow = await env.DB.prepare('SELECT score FROM user_profiles WHERE user_id = ?').bind(payload.userId).first();
+           if (profileRow) currentScore = profileRow.score;
+         } catch(e) {}
+      }
+
+      const resHeaders = new Headers(headers);
+      resHeaders.set('Set-Cookie', `_cdp_uid=${finalUserId}; HttpOnly; Secure; SameSite=Lax; Max-Age=31536000; Path=/`);
+
+      return new Response(JSON.stringify({
+        ok:     true,
+        userProfile: { score: currentScore, user_id: finalUserId },
+        meta:   metaRes.value   ?? { error: metaRes.reason?.message },
+        ga4:    ga4Res.value    ?? { error: ga4Res.reason?.message },
+        tiktok: ttRes.value     ?? { error: ttRes.reason?.message },
+      }), { status: 200, headers: resHeaders });
+    }
+
+    // ── POST /webhook/hotmart ─────────────────────────────────────────────────
+    if (request.method === 'POST' && url.pathname === '/webhook/hotmart') {
+      // Validação de token Hotmart (X-Hotmart-Webhook-Token)
+      // Secret: wrangler secret put WEBHOOK_SECRET_HOTMART
+      if (env.WEBHOOK_SECRET_HOTMART) {
+        const token = request.headers.get('X-Hotmart-Webhook-Token') || '';
+        if (token !== env.WEBHOOK_SECRET_HOTMART) {
+          return new Response('Unauthorized', { status: 401 });
+        }
+      }
+
+      let wh;
+      try { wh = await request.json(); } catch {
+        return new Response('JSON inválido', { status: 400 });
+      }
+
+      const data     = wh.data || wh;
+      const buyer    = data.buyer    || {};
+      const purchase = data.purchase || {};
+      const product  = data.product  || {};
+
+      // Só processar compras aprovadas
+      if (!['APPROVED', 'COMPLETE', 'approved', 'complete'].includes(purchase.status)) {
+        return new Response(
+          JSON.stringify({ skipped: `status ${purchase.status}` }),
+          { status: 200, headers }
+        );
+      }
+
+      // Deduplicação — verificar se transação já foi processada
+      const hmTxId = String(purchase.transaction || '');
+      if (hmTxId && env.DB) {
+        try {
+          const dup = await env.DB.prepare(
+            'SELECT id FROM webhook_events WHERE transaction_id = ? AND status = ?'
+          ).bind(hmTxId, 'processed').first();
+          if (dup) {
+            return new Response(JSON.stringify({ ok: true, skipped: 'duplicate' }), { status: 200, headers });
+          }
+        } catch { /* continua mesmo se a consulta falhar */ }
+      }
+
+      // Recuperar cookies do comprador (fbp/fbc) pelo email
+      const profile = await getProfileByEmail(env, buyer.email);
+
+      const payload = {
+        email:       buyer.email,
+        phone:       buyer.phone,
+        firstName:   buyer.name?.split(' ')[0],
+        lastName:    buyer.name?.split(' ').slice(1).join(' ') || undefined,
+        fbp:         profile?.fbp,
+        fbc:         profile?.fbc,
+        userId:      profile?.user_id,
+        gaClientId:  profile?.ga_client_id,
+        value:       purchase.price?.value,
+        currency:    purchase.price?.currency_value || 'BRL',
+        contentIds:  [String(product.id || product.ucode || '')],
+        contentName: product.name,
+        contentType: 'product',
+        pageUrl:     profile?.page_url || `https://${env.SITE_DOMAIN || 'seu-dominio.com.br'}`,
+        orderId:     purchase.transaction,
+        eventId:     `hotmart_${purchase.transaction}`,
+        city:        profile?.city,
+        state:       profile?.state,
+        country:     profile?.country,
+      };
+
+      // Registrar transação no D1 (prevenção de duplicatas em reenvios)
+      if (hmTxId && env.DB) {
+        try {
+          await env.DB.prepare(
+            'INSERT OR IGNORE INTO webhook_events (platform, transaction_id, email, status, raw_payload) VALUES (?,?,?,?,?)'
+          ).bind('hotmart', hmTxId, buyer.email || null, 'processed', JSON.stringify(wh)).run();
+        } catch { /* não bloquear envio se D1 falhar */ }
+      }
+
+      ctx.waitUntil(Promise.allSettled([
+        sendMetaCapi(env, 'Purchase', payload, request, ctx),
+        sendGA4Mp(env, 'purchase', payload, ctx),
+        sendTikTokApi(env, 'CompletePayment', payload, request, ctx),
+        saveLead(env, 'Purchase', payload, request, 'hotmart'),
+        sendWhatsApp(env, 'Purchase', payload),
+      ]));
+
+      return new Response(JSON.stringify({ ok: true }), { status: 200, headers });
+    }
+
+    // ── POST /webhook/kiwify ──────────────────────────────────────────────────
+    if (request.method === 'POST' && url.pathname === '/webhook/kiwify') {
+      // Validação de token Kiwify (X-Kiwify-Event-Token)
+      // Secret: wrangler secret put WEBHOOK_SECRET_KIWIFY
+      if (env.WEBHOOK_SECRET_KIWIFY) {
+        const token = request.headers.get('X-Kiwify-Event-Token') || '';
+        if (token !== env.WEBHOOK_SECRET_KIWIFY) {
+          return new Response('Unauthorized', { status: 401 });
+        }
+      }
+
+      let wh;
+      try { wh = await request.json(); } catch {
+        return new Response('JSON inválido', { status: 400 });
+      }
+
+      // Só processar compras aprovadas
+      if (wh.order_status !== 'paid' && wh.order_status !== 'approved') {
+        return new Response(
+          JSON.stringify({ skipped: `status ${wh.order_status}` }),
+          { status: 200, headers }
+        );
+      }
+
+      // Deduplicação — verificar se transação já foi processada
+      const kwTxId = String(wh.order_id || '');
+      if (kwTxId && env.DB) {
+        try {
+          const dup = await env.DB.prepare(
+            'SELECT id FROM webhook_events WHERE transaction_id = ? AND status = ?'
+          ).bind(kwTxId, 'processed').first();
+          if (dup) {
+            return new Response(JSON.stringify({ ok: true, skipped: 'duplicate' }), { status: 200, headers });
+          }
+        } catch { /* continua mesmo se a consulta falhar */ }
+      }
+
+      const customer = wh.Customer || {};
+      const product  = wh.Product  || {};
+      const profile  = await getProfileByEmail(env, customer.email);
+
+      const payload = {
+        email:       customer.email,
+        phone:       customer.mobile,
+        firstName:   customer.full_name?.split(' ')[0],
+        lastName:    customer.full_name?.split(' ').slice(1).join(' ') || undefined,
+        fbp:         profile?.fbp,
+        fbc:         profile?.fbc,
+        userId:      profile?.user_id,
+        gaClientId:  profile?.ga_client_id,
+        value:       wh.order_value ? parseFloat(wh.order_value) / 100 : undefined,
+        currency:    'BRL',
+        contentIds:  [String(product.product_id || '')],
+        contentName: product.product_name,
+        contentType: 'product',
+        pageUrl:     profile?.page_url || `https://${env.SITE_DOMAIN || 'seu-dominio.com.br'}`,
+        orderId:     wh.order_id,
+        eventId:     `kiwify_${wh.order_id}`,
+        city:        profile?.city,
+        state:       profile?.state,
+        country:     profile?.country,
+      };
+
+      // Registrar transação no D1
+      if (kwTxId && env.DB) {
+        try {
+          await env.DB.prepare(
+            'INSERT OR IGNORE INTO webhook_events (platform, transaction_id, email, status, raw_payload) VALUES (?,?,?,?,?)'
+          ).bind('kiwify', kwTxId, customer.email || null, 'processed', JSON.stringify(wh)).run();
+        } catch { /* não bloquear envio se D1 falhar */ }
+      }
+
+      ctx.waitUntil(Promise.allSettled([
+        sendMetaCapi(env, 'Purchase', payload, request, ctx),
+        sendGA4Mp(env, 'purchase', payload, ctx),
+        sendTikTokApi(env, 'CompletePayment', payload, request, ctx),
+        sendPinterestCapi(env, 'Purchase', payload, request, ctx),
+        sendRedditCapi(env, 'Purchase', payload, request, ctx),
+        sendLinkedInCapi(env, 'Purchase', payload, request, ctx),
+        sendSpotifyCapi(env, 'Purchase', payload, request, ctx),
+        saveLead(env, 'Purchase', payload, request, 'kiwify'),
+        sendWhatsApp(env, 'Purchase', payload),
+      ]));
+
+      return new Response(JSON.stringify({ ok: true }), { status: 200, headers });
+    }
+
+    // ── POST /webhook/ticto ───────────────────────────────────────────────────
+    // Ticto Webhook v2 (JSON) — configurar em: Produto → Webhooks → Versão 2.0 → JSON
+    // URL a cadastrar na Ticto: https://server-edge-tracker.suporte-ed9.workers.dev/webhook/ticto
+    // Evento a selecionar: "Venda Realizada" (status: paid | approved | complete)
+    if (request.method === 'POST' && url.pathname === '/webhook/ticto') {
+      // Validação HMAC-SHA256 Ticto (X-Ticto-Signature)
+      // Secret: wrangler secret put WEBHOOK_SECRET_TICTO
+      let rawBody;
+      try { rawBody = await request.text(); } catch {
+        return new Response('Leitura de body falhou', { status: 400 });
+      }
+      if (env.WEBHOOK_SECRET_TICTO) {
+        const sig = request.headers.get('X-Ticto-Signature') || '';
+        const valid = await verifyHmac(env.WEBHOOK_SECRET_TICTO, rawBody, sig);
+        if (!valid) {
+          return new Response('Unauthorized', { status: 401 });
+        }
+      }
+
+      let wh;
+      try { wh = JSON.parse(rawBody); } catch {
+        return new Response('JSON inválido', { status: 400 });
+      }
+
+      // ── Estrutura Ticto v2 ────────────────────────────────────────────────
+      // {
+      //   "version": "2.0",
+      //   "status": "paid",           ← paid | approved | complete | refunded | chargeback
+      //   "status_date": "...",
+      //   "token": "...",
+      //   "payment_method": "credit_card | boleto | pix",
+      //   "customer": {
+      //     "name": "João Silva",
+      //     "email": "joao@email.com",
+      //     "phone": "11999998888",
+      //     "document": "12345678901"  ← CPF (não enviamos para plataformas de ads)
+      //   },
+      //   "order": {
+      //     "id": "ORD123",
+      //     "hash": "abc123",
+      //     "transaction_hash": "xyz456",
+      //     "paid_amount": 29700,     ← valor em centavos (R$ 297,00)
+      //     "installments": 1,
+      //     "order_date": "2024-01-01"
+      //   },
+      //   "item": {
+      //     "product_name": "Curso XYZ",
+      //     "product_id": "PROD123"
+      //   },
+      //   "tracking": {               ← parâmetros de URL capturados no checkout
+      //     "src": "facebook",
+      //     "utm_source": "...",
+      //     "utm_medium": "...",
+      //     "utm_campaign": "...",
+      //     "utm_content": "...",
+      //     "utm_term": "..."
+      //   },
+      //   "url_params": {             ← fallback de parâmetros extras (fbclid, sck, xcod...)
+      //     "fbclid": "...",
+      //     "sck": "..."
+      //   }
+      // }
+
+      // Aceitar apenas vendas aprovadas/pagas
+      const STATUS_PAID = ['paid', 'approved', 'complete', 'completed'];
+      if (!STATUS_PAID.includes((wh.status || '').toLowerCase())) {
+        return new Response(
+          JSON.stringify({ skipped: `status ${wh.status}` }),
+          { status: 200, headers }
+        );
+      }
+
+      const customer  = wh.customer  || {};
+      const order     = wh.order     || {};
+      const item      = wh.item      || {};
+      const tracking  = wh.tracking  || wh.url_params || {};
+
+      // Valor: paid_amount está em centavos → dividir por 100
+      const valueRaw = order.paid_amount ?? order.total ?? order.amount;
+      const value    = valueRaw ? parseFloat(valueRaw) / 100 : undefined;
+
+      // Transaction ID: usar hash se disponível (mais estável que id numérico)
+      const transactionId = order.hash || order.transaction_hash || order.id;
+
+      // Deduplicação — verificar se transação já foi processada
+      const tcTxId = String(order.hash || order.transaction_hash || order.id || '');
+      if (tcTxId && env.DB) {
+        try {
+          const dup = await env.DB.prepare(
+            'SELECT id FROM webhook_events WHERE transaction_id = ? AND status = ?'
+          ).bind(tcTxId, 'processed').first();
+          if (dup) {
+            return new Response(JSON.stringify({ ok: true, skipped: 'duplicate' }), { status: 200, headers });
+          }
+        } catch { /* continua mesmo se a consulta falhar */ }
+      }
+
+      // Buscar perfil do comprador pelo email; fallback por user_id passado via URL (cdpTrack passCheckoutParams)
+      const urlUserId = tracking.user_id || wh.url_params?.user_id;
+      let profile = await getProfileByEmail(env, customer.email);
+      if (!profile && urlUserId && env.DB) {
+        try {
+          profile = await env.DB.prepare(
+            'SELECT * FROM user_profiles WHERE user_id = ? ORDER BY updated_at DESC LIMIT 1'
+          ).bind(urlUserId).first();
+        } catch { /* continua sem perfil */ }
+      }
+
+      // Construir fbc a partir do fbclid se o profile não tiver fbc
+      const fbclid = tracking.fbclid || wh.url_params?.fbclid;
+      const fbc    = profile?.fbc || (fbclid ? `fb.1.${Date.now()}.${fbclid}` : undefined);
+
+      const payload = {
+        email:       customer.email,
+        phone:       customer.phone,
+        firstName:   customer.name?.split(' ')[0],
+        lastName:    customer.name?.split(' ').slice(1).join(' ') || undefined,
+        fbp:         profile?.fbp,
+        fbc,
+        ttp:         profile?.ttp,
+        userId:      profile?.user_id,
+        gaClientId:  profile?.ga_client_id,
+        value,
+        currency:    'BRL',
+        contentIds:  [String(item.product_id || '')],
+        contentName: item.product_name,
+        contentType: 'product',
+        pageUrl:     profile?.page_url || `https://${env.SITE_DOMAIN || 'seu-dominio.com.br'}`,
+        orderId:     transactionId,
+        eventId:     `ticto_${transactionId}`,
+        city:        profile?.city,
+        state:       profile?.state,
+        country:     profile?.country || 'br',
+        utmSource:   tracking.utm_source   || tracking.src || '',
+        utmMedium:   tracking.utm_medium   || '',
+        utmCampaign: tracking.utm_campaign || '',
+        utmContent:  tracking.utm_content  || '',
+      };
+
+      // Registrar transação no D1
+      if (tcTxId && env.DB) {
+        try {
+          await env.DB.prepare(
+            'INSERT OR IGNORE INTO webhook_events (platform, transaction_id, email, status, raw_payload) VALUES (?,?,?,?,?)'
+          ).bind('ticto', tcTxId, customer.email || null, 'processed', JSON.stringify(wh)).run();
+        } catch { /* não bloquear envio se D1 falhar */ }
+      }
+
+      ctx.waitUntil(Promise.allSettled([
+        sendMetaCapi(env, 'Purchase', payload, request, ctx),
+        sendGA4Mp(env, 'purchase', payload, ctx),
+        sendTikTokApi(env, 'CompletePayment', payload, request, ctx),
+        sendPinterestCapi(env, 'Purchase', payload, request, ctx),
+        sendRedditCapi(env, 'Purchase', payload, request, ctx),
+        sendLinkedInCapi(env, 'Purchase', payload, request, ctx),
+        sendSpotifyCapi(env, 'Purchase', payload, request, ctx),
+        saveLead(env, 'Purchase', payload, request, 'ticto'),
+        sendWhatsApp(env, 'Purchase', payload),
+      ]));
+
+      return new Response(JSON.stringify({ ok: true }), { status: 200, headers });
+    }
+
+    // ── GET /webhook/whatsapp — verificação do webhook pela Meta ─────────────────
+    // A Meta faz um GET nessa URL quando você cadastra o webhook no Business Manager.
+    // Ela envia: hub.mode=subscribe, hub.verify_token=<seu token>, hub.challenge=<número>
+    // Você responde com hub.challenge para confirmar que é seu servidor.
+    // Secret: wrangler secret put WA_WEBHOOK_VERIFY_TOKEN
+    if (request.method === 'GET' && url.pathname === '/webhook/whatsapp') {
+      const mode      = url.searchParams.get('hub.mode');
+      const token     = url.searchParams.get('hub.verify_token');
+      const challenge = url.searchParams.get('hub.challenge');
+
+      if (mode === 'subscribe' && env.WA_WEBHOOK_VERIFY_TOKEN && token === env.WA_WEBHOOK_VERIFY_TOKEN) {
+        return new Response(challenge, { status: 200, headers: { 'Content-Type': 'text/plain' } });
+      }
+      return new Response('Forbidden', { status: 403 });
+    }
+
+    // ── POST /webhook/whatsapp — mensagens recebidas (CTWA) ───────────────────────
+    // Recebe eventos da Meta Cloud API: mensagens de usuários que clicaram em
+    // anúncios "Click to WhatsApp". Extrai phone + ctwa_clid e dispara Contact
+    // no Meta CAPI com action_source="chat".
+    // URL a cadastrar: Meta Business Manager → WhatsApp → Configuration → Webhook URL
+    // Campos a assinar (subscribe): messages
+    if (request.method === 'POST' && url.pathname === '/webhook/whatsapp') {
+      let body;
+      try { body = await request.json(); } catch {
+        return new Response('JSON inválido', { status: 400 });
+      }
+
+      const result = await processWhatsAppWebhook(env, body, request, ctx);
+
+      // A Meta exige resposta 200 em até 20s — mesmo que não haja nada a processar
+      return new Response(JSON.stringify({ ok: true, ...result }), { status: 200, headers });
+    }
+
+    // 404 para rotas não encontradas
+    return new Response(
+      JSON.stringify({ error: 'rota não encontrada' }),
+      { status: 404, headers }
+    );
+  },
+
+  // ── Cron Handler — Intelligence Agent ──────────────────────────────────────
+  async scheduled(event, env, ctx) {
+    const cron = event.cron; // '0 2 * * 0' ou '0 3 1 * *'
+    const isMonthly = cron === '0 3 1 * *';
+
+    console.log(`[Intelligence Agent] Cron executado: ${cron}`);
+
+    ctx.waitUntil(runIntelligenceAgent(env, isMonthly ? 'monthly_audit' : 'weekly_check'));
+  },
+
+  // ── Queue Consumer — Retry de eventos com falha ────────────────────────────
+  async queue(batch, env) {
+    for (const message of batch.messages) {
+      const { eventType, payload, platform, attempt = 1 } = message.body;
+
+      console.log(`[Queue] Reprocessando: ${platform}/${eventType} (tentativa ${attempt})`);
+
+      try {
+        if (platform === 'meta')   await sendMetaCapi(env, eventType, payload, null, null);
+        if (platform === 'ga4')    await sendGA4Mp(env, eventType, payload, null);
+        if (platform === 'tiktok') await sendTikTokApi(env, eventType, payload, null, null);
+
+        message.ack(); // sucesso — remove da fila
+      } catch (err) {
+        console.error(`[Queue] Falha ao reprocessar ${platform}/${eventType}:`, err.message);
+        message.retry(); // reenfileira até max_retries, depois vai para DLQ
+      }
+    }
+  },
+};