dhx | 20 days ago
There appears to be no obvious plausible link between the SANs other than a very obvious lack of plausibility to each website. They're mostly pretend (or knock-off) business websites in random countries (everywhere from Trinidad and Tobago, Germany, mainland USA, Hawaii...) in various languages and all the ones I checked have no verifiable substance to them. For example, one domain is a supposed USA shipping/logistics company whose website states they have 1949 customers and have only delivered 7126 packages, and claims a head office as a house in Renton WA, an office at a different house in Stockbridge GA and a supposed warehouse at a third house in Portland OR. Most domains don't include any valid contact or business information, even a supposed restaurant where you'd want people to find your location easily!
There does appear to be heavy use of Google Firebase, and many of the sites share the same IP address(es) for hosting. A reverse IP lookup of domains hosted at those IP addresses reveals more random suspicious domains beyond just those listed at https://crt.sh/?q=andrewjdillon.com
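The pivot described in the comment above (certificate SANs, then shared hosting IPs, then further domains on those IPs), as an added example that is not part of the original comment. The records follow the shape of crt.sh's JSON output (`name_value` holds newline-separated names); every domain, IP and resolution result is constructed, and `base_domain` is a simplification that assumes single-label TLDs.

```python
import json
from collections import defaultdict

# Constructed sample shaped like crt.sh JSON output (?q=...&output=json).
# Domains use the reserved .example TLD; IPs are RFC 5737 documentation ranges.
CRTSH_JSON = json.dumps([
    {"id": 1, "name_value": "blog.example\nfast-freight.example\nisland-grill.example"},
    {"id": 2, "name_value": "blog.example\nwww.blog.example"},
    {"id": 3, "name_value": "*.fast-freight.example\nfast-freight.example"},
])
# Constructed resolution results (in practice: passive DNS or reverse IP data).
RESOLVED = {
    "blog.example": ["192.0.2.10"],
    "fast-freight.example": ["198.51.100.7"],
    "island-grill.example": ["198.51.100.7", "198.51.100.8"],
    "tiny-bank.example": ["198.51.100.8"],  # only visible via reverse IP lookup
}

def base_domain(name):
    """Naive registrable domain: last two labels (a real tool needs the Public Suffix List)."""
    name = name.strip().lower()
    if name.startswith("*."):
        name = name[2:]
    return ".".join(name.split(".")[-2:])

def sans_by_cert(crtsh_json):
    """Map certificate id -> set of base domains named in its SAN list."""
    return {rec["id"]: {base_domain(n) for n in rec["name_value"].split("\n") if n.strip()}
            for rec in json.loads(crtsh_json)}

def mixed_certs(certs):
    """Certificates whose SANs span more than one unrelated base domain."""
    return {cid: doms for cid, doms in certs.items() if len(doms) > 1}

def shared_ip_clusters(resolved):
    """IP -> sorted base domains, keeping only IPs that host two or more."""
    by_ip = defaultdict(set)
    for dom, ips in resolved.items():
        for ip in ips:
            by_ip[ip].add(base_domain(dom))
    return {ip: sorted(d) for ip, d in by_ip.items() if len(d) > 1}

def pivot(seed_domains, resolved):
    """Domains sharing an IP with any seed domain but absent from the seed set."""
    seeds = {base_domain(d) for d in seed_domains}
    found = set()
    for doms in shared_ip_clusters(resolved).values():
        if seeds & set(doms):
            found |= set(doms) - seeds
    return sorted(found)
```

Shared IPs on large hosting platforms are weak evidence on their own, so treat the pivot output as leads to review alongside the certificate overlap, not as a verdict.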
cirosantilli | 20 days ago