It could be that the user identity is outdated, especially if you’ve tried starting a stopped app pool and the next request again fails.
In IIS, go to the Application Pools under the Server, then find the correct Application Pool for your web site, and click on it. On the Advanced Settings menu to the right, select Identity and change it and enter new user and password. Click on your Application Pool again, and select Recycle to restart it.
You can also try looking at the error message in Event Viewer, under Windows Logs, Application, Details tab.
Other answers are fine. But in my case, I was working on a Windows box that already was running some old IIS, IISExpress or any other web site. What happened is urls ACLs where reserved somehow in the system. So, you might want to check this.
Here is the console command to dump all URL acls:
netsh http show urlacl
Check what’s returned here, and if anything matches the url you are testing, here is the command to delete one URL acl (for example):
netsh http delete urlacl url=http://localhost:2018/
(beware to carefully note what you do here in case it was not related to the original problem)