I suspect it’s very likely that somewhere in the world is a domain-validation server, used by a trusted CA, which has this very anti-advertising hosts file installed onto it.
It could be a lesser-known CA, perhaps the national CA of a small country (under 2m people) that normally only issues less than tens-of-thousands of certs and only exists for regulatory reasons (e.g. the country requires all of its own gov services to use its internal CA, while all commercial/popular services use CA based in another country, usually LetsEncrypt)