Every reference to localhosts from that providere is replaced byt the original Jolla hosts settings (that why I use the file hosts.base). The provider of that hosts file is really famous and everyone download the hosts file from him, but if anyone whuold like to check for malicious redirect fell fre to do it and report your progres here pls.
112.112.112.112 im.malicious.com localhost.localdomain localhost
112.112.112.112 im.malicious.com localhost.localdomain localhost #127.0.0.1
112.112.112.112 im.malicious.com #localhost.localdomain #localhost #127.0.0.1