Next step in trying to narrow it down might be Export As Command-line and either testing just the Duplicati.CommandLine.BackendTool.exe get
operation with a file that had failed in the automatic
Verifying backend files step after backup (and it’s odd that all the uploads before that went OK), or
Duplicati.CommandLine.BackendTester.exe using a target URL changed to go to an empty folder.
Are all these Windows systems? Linux can have other issues, but usually it’s a certificate problem.
Narrowing it down more might make a better case. There are OS-level tools that could also be run.
Wireshark would be informative but it’s kind of complicated to look at the problem at a packet level.
I’m not sure what an ISP would do to break things. I’d have thought they just do transport and DNS
(which you could probably change to some third-party DNS if you think ISP DNS might be a factor).