Please post verbose logs of an upload using those other clients.
Before posting, please read how to report bug or request support effectively.
Bug reports without an attached log file are usually useless.
ETag: unverified: ...and
Cache-Control: max-age=31536000instead of
Cache-Control: public, max-age=31536000(missing
The "Etag: unverfied..." is indeed a reference to the SHA1 checksums of the files. Whatever you have set for WinSCP it is uploading files with the X-Bz-Content-Sha1 header set to "do_not_verify" which we do not recommend. You can read more about it in our documentation page: https://www.backblaze.com/b2/docs/uploading.html
Specifying do_not_verify as the checksum and letting B2 compute the checksum of the file. In the case where there has been data corruption and the checksum doesn't match the data sent, the first two options give B2 the opportunity to verify the checksum, and reject the upload without storing anything in B2. With this final option, the file is stored no matter what, and you have to delete it yourself if there is a problem with the checksum.
This is likely what is triggering the other issue in regards to the "cache-control" missing "public"
I would suggest reaching out to WinSCP support in regards to how you can have their upload process include the x-Bz-Content-Sha1 header for the 40-character hex checksum of the file or the string hex_digits_at_end
X-Bz-Content-Sha1header for the 40-character hex checksum of the file or the string