Using Route53 to serve https request for my s3 bucket via cludfront distribituin

I spent almost 3 days with trial and error , documention and more but not sloving my issue. i pretty sure i do same mistake over and over again. please try read my steps and figure out why i cant using my domain in url in order to get my site.

1. i upload my static files into s3 bucket as website. => The url is working well at http://myBucket.s3-website.my-region.amazonaws.com/ => my s3 region is il-central-1

2. route 53: I bought a new domain "myDomain.net" from aws route 53

3. route 53: created new host zone and from the record of type ns , i copied the values there to my clipboard

4. route53: registred domain => actions => edit name servers => paste the values from prev state example : ns-xyz.awsdns-ab.net and all others => now all name server of my domain are same as the ns record in my hostzone

5. certificate manager => i created public certificate in US East (N. Virginia) region and awaited to status : Issued

6. ACM and route53: in the new ssl certificate i clicked on "create records in route53" button and i created CNAME record in my hostzone => value : someToken.someString.acm-validations.aws.

7. cloudFront: create distribution => origin domain it shows me an autocomplete to my s3 bucket as => myDomain.s3.il-central-1.amazonaws.com and i know it should use the s3 url format as "http://myBucket.s3-website.my-region.amazonaws.com/" so i pasted the the s3 url format but now in protocl is show HTTP only option => Viewer protocol policy i change to Redirect HTTP to HTTPS => Do not enable security protections => Alternate domain name (CNAME) - optional i set as myDomain.net => Custom SSL certificate - optional - the certificate created in step 5 Click on the create distribution button and test the new url "https://someId.cloudfront.net" and it works well. now it seems my s3 and cloudfront are connected i guess

8. route53 : create record => record name i keep it blank (my alternate name is same as my region ...maybe its a mistkae and i shouldnt create alternate name?) => record type - A => alias -> alias to cloud front distribution -> someId.cloudfront.net clicked on create record

at the begining i trid to navigate to https://myDomain.net and nothing happnd i got DNS_PROBE_FINISHED_NXDOMAIN (checked in incognito also ) after about 6-7 hours it worked , i get access to my site with my domain as url but after a few minutes i got

Web Page Blocked! You have tried to access a web page which belongs to a category that is blocked.

what i did wrong?