Hello @Attya, Mohamed
Yes, with no NSG attached to VM nothing is being blocked (imagine NSG is a firewall, what happens when there is NO firewall?).
For inbound traffic, Azure processes the rules in a network security group associated to a subnet first, if there's one, and then the rules in a network security group associated to the network interface, if there's one. This process includes intra-subnet traffic as well.
The following picture illustrates different scenarios for how network security groups might be deployed to allow network traffic to and from the internet over TCP port 80:
Also in Standard Public IP and it is blocked by default, if you use Basic Public IP you wouldn't need NSG
Reference: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/public-ip-addresses#sku