It looks like the amazon IPs I see use AS14618, do you know if this usually contains all EC instances ? Or it is more like an IP class and they have many ASXXXXX ?
Thanks.
That ASN does belong to Amazon. If it is the only one you are getting requests from it should be okay to either block or - maybe better - captcha challenge it.
There is another ASN where I get requests from -> 16509
Yes, I set it to captcha challenge. They make many downloads on the site.
The ~30 recent download abusers I found were using AS14618, I will keep an eye to see different ones showing up (like AS16509).
Thanks.