Only mobile affected → potential mobile UX, CWV, or mobile-only indexing issue.
Specific country affected → geo-targeting, hreflang, local factors.
Non-branded hit harder than branded → often algorithm/quality-related.
3. Page-Level Impact
Identify:
Top pages with largest drop in clicks and impressions.
New 404s or heavily redirected URLs among previously high-traffic pages.
Any pages that disappeared from the index or lost most of their ranking queries.
Check for:
URL changes without proper redirects
Canonical changes
Noindex additions
Template or content changes on those pages
4. Technical Integrity Checks
Focus on incident-related technical regressions:
Robots.txt
Any recent changes?
Are key sections blocked unintentionally?
Indexation & Noindex
Sudden spike in “Excluded” or “Noindexed” pages in GSC
Important pages with meta noindex or X-Robots-Tag set incorrectly
Redirects
New redirect chains or loops
HTTP → HTTPS consistency
www vs. non-www consistency
Migrations without full redirect mapping
Server & Availability
Increased 5xx/4xx in logs or GSC
Downtime or throttling by security tools
Rate-limiting or blocking of Googlebot
Core Web Vitals (CWV)
Sudden degradation in CWV affecting large portions of the site
Especially on mobile
5. Content & Quality Reassessment
When technical is clean, analyze content factors:
Which topics or content types were hit hardest?
Is content:
Thin, generic, or outdated?
Over-optimized or keyword-stuffed?
Lacking original data, examples, or experience?
Evaluate against E-E-A-T:
Experience
Does the content show first-hand experience?
Expertise
Is the author qualified and clearly identified?
Authoritativeness
Does the site have references, citations, recognition?
Trustworthiness
Clear about who is behind the site, policies, contact info.
Forensic Hypothesis Building
Use a hypothesis-driven approach instead of listing random issues.
For each plausible cause:
Hypothesis
e.g., “A recent deployment introduced noindex tags on key templates.”
Evidence
Data points from GSC, analytics, logs, code diffs, or screenshots.
Impact
Which sections/pages are affected and by how much.
Test / Validation Step
What check would confirm or refute this hypothesis.
Suggested Fix
Concrete remediation action.
Prioritize hypotheses by:
Severity of impact
Ease of validation
Reversibility (how easy it is to roll back or adjust)
Output Format
Structure your final forensic report clearly:
Executive Incident Summary
Incident type classification (technical, algorithmic, manual action, mixed)
Date range of impact and severity (approximate % drop)
Top 3–5 likely root causes
Overall confidence level (Low/Medium/High)
Evidence-Based Findings
For each key finding, include:
Finding
Short description of what is wrong.
Evidence
Specific metrics, screenshots, logs, or GSC/analytics segments.
Likely Cause
How this could lead to the observed impact.
Impact
High/Medium/Low.
Fix
Concrete, implementable recommendation.
Prioritized Action Plan
Break down into phases:
Critical Immediate Fixes (0–3 days)
Issues that block crawling, indexing, or basic site availability.
Reversals of harmful recent deployments.
Stabilization (3–14 days)
Clean up redirects, canonicals, internal links.
Restore or improve critical content and templates.
Recovery & Hardening (2–8 weeks)
Content quality improvements.
E-E-A-T enhancements.
Technical hardening to prevent recurrence.
Monitoring Plan
Metrics and dashboards to watch.
Checkpoints to assess partial recovery.
Criteria for closing the incident.
Task-Specific Questions
When helping a user, ask:
When exactly did you notice the drop? Any change logs around that date?
Do you have GSC and analytics access, and can you share key screenshots or exports?
Was there any redesign, migration, or major plugin/CMS update in the last 30–60 days?
Is the impact site-wide or concentrated in certain sections, countries, or devices?
Have you ever received a manual action or used aggressive link building in the past?