Ok, first of all thanks a lot Antonio for your answer.
I've followed your instructions adding following block to the very beggining of my only one nginx/site-enabled (in just one of my 2 balanced nginx):

server {
listen 80 default_server;
server_name _;
proxy_intercept_errors on;
error_log /var/log/nginx/000default-error.log debug;
access_log /var/log/nginx/000default-access.log;
return 444;
}

below this block came the 3 vhost I serve, all of them with plenty of server_name's.
More "clues" I surely shoud have given at my first post ::

.- Architecture :: AWS Elastic Load Balancer ====> 2 nginx each one proxying to its own apache2
.- My php application relies a lot on apache redirects in htaccess of the style: .*whatever/ .*whatever.php
.- As soon as i enable the above block, Server seems to respond Ok but the 000default-access.log starts to be filled with:
..-[A] Plenty of requests responded with the 444 code
.- [B] Plenty of strange request like this ::: [01/Feb/2012:12:13:40 +0100] "-" 400 0 "-" "-"

.- In less than 3 minutes, suddenly the above access log stops receiving that bunch of 444 responded requests[A] and it only shows the [B] from time to time (some buffer overloaded?)

Just to say, the debug level and logs probably I did not use it well as it is not adding actual extra info. should it be added to in the rest of the server blocks below the default one?

like an X-File to me ......don't know what else to do or try