I'm inclined to agree that that *should* be the case but this is, still, private property with the various rights associated with it
I don't see this as a property-rights issue. You're sending them a message with a request for one or more URLs; they're sending messages back with the content. At no point do you have possession of or control over any of their property. Their property is doing exactly what they deliberately programmed it to do: send their content to any arbitrary unauthenticated user on the Internet who requests it. If they did require authentication and you claimed to be someone else in order to gain access then a case could be made for fraud. However, so long as they send out the content to anyone who asks for it, I don't see any problem with making the request.