Besides the MAC lookup suggestion, have you tried to simply find hostname in local DNS by reverse IP lookup, maybe that would shed some light.
Not sure if there is anything useful, but in browser just check site source, maybe there is something useful there that could help with identification. Does site have certificate? It might include info that would help with identification. Do the standard browser network trace via dev tools F12, maybe something useful appears there.
In nmap you can attempt to guess OS, try that. Additionally it might be possible to get hostname as well.
And have you checked your router to see if this connection is connected to your Wi-Fi AP or Ethernet to narrow things down? If it is not possible to determine this from router, simply connect your main PC to Ethernet, disable AP in router settings and check if IIS site is still up. If it is not, enable AP again, does it come back early or it takes some time?
Lastly, if it still is a mystery, start powering off devices one by one to find the source. Based on comments it seems you have multiple devices, but I assume it would not take that long?
Soft bricked VS Hard bricked. Agree that it would be nicer to be more precise in headline, but both are technically under Bricked category.
Regarding TOTP tokens, some time ago switched to Aegis app which allows token export in JSON which I store in Dropbox. I believe only thing that I would lose would be last photos that I have not backed up yet. And past Signal conversations which sometimes come useful.
But for regular folks losing access to phone indeed seems like nightmare scenario for 2FA. I think MS Authenticatior backed tokens to your OneDrive if you enabled it in settings. Often these less secure options are good tradeoff for usability.
Practically all my previous phones were either lost or stolen so it will be inevitable some day. Almost lost my current one year ago due to being drunk, luckily got it back.