Thank you for your suggestions, I've monitored the logs while performing a login. And it got me closer to a assumption of cause.
/var/log/directadmin/login.log
2020:02:12-09:45:07: '145.131.00.000' successful Basic Auth/API login to 'user' via 'admin' after 1 attempts
2020:02:12-09:38:27: '90.145.00.000' successful login to 'user' after 1 attempts
2020:02:12-09:39:27: '90.145.00.000' 1 failed login attempts. Account 'user'
2020:02:12-09:39:27: '90.145.00.000' 1 failed login attempts. Account 'user'
/var/log/directadmin/error.log
2020:02:12-09:42:28: Referer port (443) does not match DA's (2222):
https://domain.com
2020:02:12-09:42:28: Referer check failed for 90.145.00.000
/usr/local/directadmin/conf/directadmin.conf
check_referer=0
service directadmin restart
The first issue that I fixed was disabling the check_referer, however it looks like it still causes a issue.
I've installed a certificate on my directadmin server and it looks like the login is performed from 2222 whilst the session is kept from 443.
The strangest thing is that users can browse without problems but if the user is inactive and the session timeout of 60s is hit, it creates a "failed login attempt" as seen above in login.log.