Ooh, i will CERTAINLY look into that. ESPECIALLY after discovering this. After adjusting logging settings, my last attempt (via le64, not letsdebug), I see THIS:
2021-06-11 20:31:08 srvr 66.151.242.26 GET /.well-known/acme-challenge/fuzQt3sxAaeoxiTF-MRmV25lZCQq6Vau74ScMJyGDb4 - 80 - 3.143.223.150 HTTP/1.1 Mozilla/5.0+(compatible;+Let's+Encrypt+validation+server;++https://www.letsencrypt.org) - 200 0 0 527 270 22
2021-06-11 20:31:08 srvr 66.151.242.26 GET /.well-known/acme-challenge/fuzQt3sxAaeoxiTF-MRmV25lZCQq6Vau74ScMJyGDb4 - 80 - 3.67.34.92 HTTP/1.1 Mozilla/5.0+(compatible;+Let's+Encrypt+validation+server;++https://www.letsencrypt.org) - 200 0 0 527 270 102
2021-06-11 20:31:18 srvr 66.151.242.26 GET /.well-known/acme-challenge/fuzQt3sxAaeoxiTF-MRmV25lZCQq6Vau74ScMJyGDb4 - 80 - 18.236.228.243 HTTP/1.1 Mozilla/5.0+(compatible;+Let's+Encrypt+validation+server;++https://www.letsencrypt.org) - 200 0 0 527 270 51
Requests came in, and IIS returned a 200, the file was served properly. However, LE still reported:
2021/06/11 16:31:19 Domain verification results for 'www.tsqmadness.com': error. Fetching http://www.tsqmadness.com/.well-known/acme-challenge/fuzQt3sxAaeoxiTF-MRmV25lZCQq6Vau74ScMJyGDb4: Timeout during connect (likely firewall problem)
So.. I'm at a loss at the moment. 
In the past, I was using GNS validation, which worked fine, but my DNS server apparently has no API to create/remove TXT entries, which is why I started messin' wth this. 