Hacker News
Comodo issued valid certificate for [scam URL] amazon buckets (censys.io)
15 points by dhuyp 2858 days ago
12 comments

That is not Amazon.

  ~ whois s3-amazonaws.com
   Domain Name: S3-AMAZONAWS.COM
   Registry Domain ID: 2246085106_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.namesilo.com
   Registrar URL: http://www.namesilo.com
   Updated Date: 2018-03-31T13:23:14Z
   Creation Date: 2018-03-31T13:07:29Z
   Registry Expiry Date: 2019-03-31T13:07:29Z
   Registrar: NameSilo, LLC
   Registrar IANA ID: 1479
   Registrar Abuse Contact Email: abuse@namesilo.com
   Registrar Abuse Contact Phone: +1.4805240066
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: JIM.NS.CLOUDFLARE.COM
   Name Server: OLGA.NS.CLOUDFLARE.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
It was in good faith; I was just checking s3.amazonaws.com and Censys popped that up for me here, bad reading...
Buckets are at s3.amazonaws.com, the domain mentioned is s3-amazonaws.com.

You could certainly argue if Comodo doesn't catch stuff like this then what value are they bringing, but it isn't as serious as the title implies.

Sorry about the initial title, I was tricked by the result https://censys.io/certificates?q=s3.amazonaws.com&page=6
It's via CloudFlare.

Also the "s3-amazonaws.com" looks like a scam domain.

Fortunately, this is not the actual S3 domain, but one that is very similar. s3<dash>amazonaws instead of s3<dot>amazonaws.

Regardless, this is still shady.

The bit you're looking for here is the hostname:

> *.s3-amazonaws.com

Edit: but I believe real S3 hostnames are of the form foo.s3.amazonaws.com

It's s3-amazonaws.com, not s3.amazonaws.com.
That’s a pretty good scam domain. Can’t big companies scan CT logs to be proactive about those types of domains?
I reported this to Cloudflare's Trust and Safety team and it has been taken care of.
Can the title be updated with the word 'fake amazon buckets'?
Done
Have you reported the scam domain to Amazon Security?
Is the title of this HN post the article? And the link is the proof? Just trying to understand what's going on. Some kind of attempt at getting a trick domain?
s3-amazonaws.com? That's not amazon, that's just some random domain.
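
The proactive CT-log check asked about in the thread, as an added example that is not part of the original discussion: it flags certificate names that collapse to the same string as a watched hostname once separators are ignored, yet sit outside the zone the brand owns. `OWNED_ZONE`, `WATCHED`, the `(issuer, SANs)` record shape and the sample records are assumptions constructed for illustration; fetching entries from a CT log is out of scope here.

```python
import re

# Assumptions for this sketch: the zone the brand really owns and the
# hostnames inside it that are worth impersonating.
OWNED_ZONE = "amazonaws.com"
WATCHED = ["s3.amazonaws.com"]

def skeleton(name):
    """Drop every non-alphanumeric character so '.' and '-' compare equal."""
    return re.sub(r"[^a-z0-9]", "", name.lower())

def is_owned(host):
    """True when host is the owned zone itself or a subdomain of it."""
    return host == OWNED_ZONE or host.endswith("." + OWNED_ZONE)

def lookalike_of(san):
    """Return the watched name that a certificate dNSName imitates, or None."""
    host = san.lower().rstrip(".")
    if host.startswith("*."):      # wildcard certificate: compare the base name
        host = host[2:]
    if is_owned(host):
        return None
    labels = host.split(".")
    targets = {skeleton(w): w for w in WATCHED}
    # Check every suffix of the label list so foo.s3-amazonaws.com is caught too.
    for i in range(len(labels)):
        hit = targets.get(skeleton(".".join(labels[i:])))
        if hit:
            return hit
    return None

def scan(entries):
    """entries: iterable of (issuer, [dNSNames]) pulled from CT log records."""
    return [(san, hit, issuer)
            for issuer, sans in entries
            for san in sans
            if (hit := lookalike_of(san))]

# Constructed sample records; only *.s3-amazonaws.com comes from the thread.
SAMPLE = [
    ("Example CA 1", ["*.s3-amazonaws.com", "s3-amazonaws.com"]),
    ("Example CA 2", ["bucket.s3.amazonaws.com"]),
    ("Example CA 3", ["www.example.org"]),
    ("Example CA 4", ["login.s3amazonaws.com"]),
]

if __name__ == "__main__":
    for san, hit, issuer in scan(SAMPLE):
        print(f"{san} imitates {hit} (issuer: {issuer})")
```

The check only covers separator swaps like the dash-for-dot case in this thread; typos and homoglyphs need a separate distance or confusables comparison.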