Server score plus many details: https://ssllabs.com
Indication of state-of-the-art: https://en.internet.nl
DNS report: https://mxtoolbox.com/SuperTool.aspx?action=dns
Site score (plus list subdomains): https://immuniweb.com/websec/
Overview of properties: https://toolbar.netcraft.com/site_report
Ownership / location (s):
Server analysis, detailed: https://check-your-website.server-daten.de
Debug DNSSEC: https://dnssec-debugger.verisignlabs.com
HTTP/2 test: https://tools.keycdn.com/http2-test
Test host reachability: https://nat64check.org
Find hosting data: https://dnsquery.org
Find subdomains (A records): https://hackertarget.com/find-dns-host-records
Analyze type of application with web browser plugin: https://www.wappalyzer.com/download
New tool: broken links, performance, etcetera: https://ohdear.app/
Local machine / connection:
Test local IPv6 capability: https://ipv6-test.com
Get IPv4 address (and IPv6): https://www.whatismyip.com/my-ip-information/?iref=homegb
D(omain) N(ame) S(ystem):
Valuable comments: https://dnsspy.io
Detailed: https://www.viewdns.info / https://intodns.com / https://bwachter.lart.info/tools/dig.cgi
For ‘AAAA’ (pronounced quad A) for IPv6, a data center must be up to date.
A ‘TLSA’ record for DANE secures email transport, and in the future for an URL.
A ‘CAA’ record protects against a different SSL certificate provider than the one set in the DNS.
PTR records from an IP address to the server name are not in the domain name DNS zone.
A PTR record needs to be created in the rDNS netblock zone.
Some background information:
HSTS restricts to https: https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
HTTP/2 webpage traffic optimization: https://en.wikipedia.org/wiki/HTTP/2
SNI same owner of (server) domain: https://en.wikipedia.org/wiki/Server_Name_Indication