When EDR introduced the Sensor Group custom certificate function, the sensor needed to modify the Windows hosts file to include the custom certificate's SANs (Subject Alternative Names). The two SANs from the custom certificate are added to the Windows host file in order to provide the SNI (Server Name Indicator) in the TLS communications.
Custom certificate's SANs section: