7201 dropping NAT rules unexpectedly

Frank27
Level 1

We have a problem with a Cisco 7200 router -- Software (C7200P-SPSERVICESK9-M), Version 12.2(33)SRE2.

 

Some NAT rules are being dropped and traffic is not forwarded accordingly.

 

For example, we have a NAT rule for forwarding remote SSH connections to the directly connected N5K, translating port 4000 to port 22. Sometimes this stops working and it's impossible to access it by SSH from the outside. So, wondering why, I tried to connect to the switch from another internal network, and it was accepting connections regularly on its port 22.

After rebooting the router, it started to work again...

 

Any idea for troubleshooting this issue?

In the NAT logs, I did not find anything relevant.

24 Replies

I got your point but I don't understand your logic:

If the outside interface is a public IP address, should I revert the NAT?
Can you please give me a real example of what you mean?

 

 

Hello,

 

Duplicate TCP ACKs usually mean there is packet loss, and TCP is trying to recover. From where are you actually initiating these connections?

 

Also, can you post the output of:

 

show ip ssh

Hello
I suggest amending the translation timeout values and your NAT ACL to negate the static hosts from the overload NAT statement, if those hosts are only required to be port translated on those specific ports.


ip nat translation timeout 1800
ip nat translation tcp-timeout 1800
ip nat translation udp-timeout 30
ip nat translation finrst-timeout 30
ip nat translation synrst-timeout 30

no access-list 10
access-list 100 remark NAT_ACL
access-list 100 deny ip host 10.0.0.2 any
access-list 100 deny ip host 10.0.0.3 any
access-list 100 permit ip 10.0.0.0 0.0.0.255 any

no ip nat inside source list 10 interface GigabitEthernet0/0 overload
ip nat inside source list 100 interface GigabitEthernet0/0 overload


clear ip nat statistics
debug ip nat translations


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

So there is no difference in the actual NAT configuration...

Hello

@MHM Cisco World, not sure I follow what you are saying. The static PAT statement has NO bearing on the overload access-list; it is not even called upon, it is specific to port forwarding on tcp 22 only.

 

So the deny ACE in the NAT ACL is to negate that internal host from participating in any dynamic PAT (even internet browsing etc.); if you remove the dynamic PAT entirely, that static PAT should still port-forward for tcp 22.


As I stated: "if those hosts are only required to be port translated on those specific ports".



Kind Regards
Paul

Your golden words
"if those hosts are only required to be port translated on those specific ports"

are right, and I hope @Frank27 decides whether the host is translated to those specific ports or not.

@Frank27's config is the same as Cisco recommends and ALL config is OK, but I am starting to think it is a bug that the static NAT disappears but works.
https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/13778-9.html

 

Hi @paul driver, @MHM Cisco World,

 

Thank you for your replies. Well yes, the actual topology is

 

7201-->>N5k-->>ASA-->>HOST

 

Regarding the SSH port, it is an "escamotage" or work-around to avoid leaving port 22 open on the router itself and to redirect to port 22 of the N5K for remote access. Why? Because the software version loaded on the 7201 doesn't support the

ip ssh port 7022 rotary x 

command... but this is another problem.

 

Anyway, yes, all internal hosts, including the N5K 10.0.0.2 and the ASA as well as the HOST, need to access the internet and all services. The static entries are just SSH access and ports or services (8080, 80) related to the host itself, while port 4000 gives access to the switch and the network topology (from there).

So static entries are needed for the outside to access a service inside.

I have modified the NAT timeouts as @paul driver suggested and now I am monitoring.

 

@MHM Cisco World, I was thinking the same, since it can happen every 1-2 weeks that a service on 8080 or on 4000 is being dropped totally (no log entries, not even in the NAT translation debug; already checked), and basically I cannot connect to or use a NAT static service without a (known) reason!

 

The only way I have is to reload the router!
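An added example, not from this thread or from Cisco, that turns the two points discussed above into a script a practitioner can run against saved router output: Paul's advice to deny the static-PAT hosts in the overload NAT ACL, and Frank27's symptom of a static entry silently vanishing. The config lines, the two `ip nat inside source static` statements, and the `show ip nat translations` sample (IOS column layout) are all constructed here; the IP addresses are documentation ranges, not the thread's.

```python
import re

# Constructed sample config (not from the thread): the overload NAT ACL from the
# discussion plus two static PAT entries of the kind described (ports 4000 and 8080).
SAMPLE_CONFIG = """\
access-list 100 deny ip host 10.0.0.2 any
access-list 100 permit ip 10.0.0.0 0.0.0.255 any
ip nat inside source list 100 interface GigabitEthernet0/0 overload
ip nat inside source static tcp 10.0.0.2 22 interface GigabitEthernet0/0 4000
ip nat inside source static tcp 10.0.0.3 8080 interface GigabitEthernet0/0 8080
"""

# Constructed 'show ip nat translations' output in the IOS column layout; the
# 10.0.0.3:8080 static entry is deliberately absent to model the reported failure.
SAMPLE_SHOW = """\
Pro Inside global      Inside local       Outside local      Outside global
tcp 203.0.113.10:4000  10.0.0.2:22        ---                ---
tcp 203.0.113.10:1025  10.0.0.20:51234    198.51.100.5:443   198.51.100.5:443
"""

STATIC_RE = re.compile(r"^ip nat inside source static (tcp|udp) (\S+) (\d+) interface \S+ (\d+)$")
OVERLOAD_RE = re.compile(r"^ip nat inside source list (\d+) interface \S+ overload$")
DENY_RE = re.compile(r"^access-list (\d+) deny ip host (\S+) any$")

def static_entries(config):
    """Set of (proto, inside_ip, inside_port, global_port) declared by static PAT lines."""
    return {m.groups() for m in map(STATIC_RE.match, config.splitlines()) if m}

def hosts_not_negated(config):
    """Static-PAT hosts that the ACL used by the overload statement does not deny."""
    lines = config.splitlines()
    acls = {m.group(1) for m in map(OVERLOAD_RE.match, lines) if m}
    denied = {m.group(2) for m in map(DENY_RE.match, lines) if m and m.group(1) in acls}
    return {e[1] for e in static_entries(config)} - denied

def live_static_entries(show_output):
    """Static entries present in the translation table (outside columns shown as ---)."""
    found = set()
    for line in show_output.splitlines()[1:]:          # skip the column header
        cols = line.split()
        if len(cols) == 5 and cols[3] == "---" and cols[4] == "---":
            global_ip, global_port = cols[1].rsplit(":", 1)
            local_ip, local_port = cols[2].rsplit(":", 1)
            found.add((cols[0], local_ip, local_port, global_port))
    return found

def missing_static_entries(config, show_output):
    """Configured static PAT entries that are absent from the live translation table."""
    return static_entries(config) - live_static_entries(show_output)

if __name__ == "__main__":
    print("hosts not negated from overload ACL:", hosts_not_negated(SAMPLE_CONFIG))
    print("static entries missing from table:", missing_static_entries(SAMPLE_CONFIG, SAMPLE_SHOW))
```

Run periodically against fresh `show running-config` and `show ip nat translations` captures, a non-empty `missing_static_entries` result flags the disappearance before users notice it.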

Frank27
Level 1

Hi all, I solved this by upgrading to the latest IOS version available for the 7201 series router.

No more problems detected, as the configuration has not been changed since the IOS update.

Thanks for help!
