Or you can just avoid hacking your hosts file and breaking other tools, and set your Snap and Apt proxy configuration to a non-existent value, or firewall their ability to reach those hosts.
Or configure them properly by disabling auto-updates, configure unattended-upgrades appropriately for your needs, and only update your apt packages from a known, internal mirror endpoint that doesn't change until you point it to a new timestamp.
That's how it works in the real world, in production. It's not 1994, we don't hack hosts files anymore.
