Thanks for the reply
I'm rdp'ing using the rdp profile that's available on the web-role instance. Just FYI, i didn't have any NSG rules set in my subscription. Everything worked as expected until today when the web-role wasn't being able to browse publicly, so i assume no default rules were being applied. In anyway followed your suggestion and added a NSG and configured inbound rules to allow 80,443 and associated it with the Subnet of the web-role. But that didn't have any impact. On the other hand, the RDP stopped working, so i tried adding NSG rule to allow RDP on port 3389, but that didn't have any impact as well. I just removed the NSG and dis-associated the web-roles Subnet from it and i can RDP again, but still cannot publicly browse the web-role. I can browse on the VM itself to confirm app is fine, and is able to browse with it's DNS address.
Is there any other place to look for what's blocking public access which was all ok up until today? Nothing changed from our side.