The --standalone method is difficult to debug because you need to keep Certbot running to test connection from the public internet.
A way to test this easier is to use these command options
certbot certonly --standalone --dry-run --debug-challenges -v -d (domain) --http-01-port 80
This command will show you the challenge URL to try from the public internet and the proper response. After showing you this it will say "Press Enter to Continue". DO NOT PRESS ENTER.
Leave it paused like that and use a different device to test connection. You can use a mobile phone with wifi disabled so use your carrier's network.
You do not have to use the full URL. Just try http://(yourdomain)
If the connection works this shorter URL should see a response like below. The error in your first post said "Secondary validation" which is a problem just from certain locations. Osiris already linked to an article about that. Make sure your domain can be reached from anywhere.
ACME client standalone challenge solver