Regarding for the first part of your question: Is there a way for me to verify which programs use the /etc/hosts?
As far as I known, all programs ask to "the resolver", a libc group of functions (gethostbyname, gethostbyaddress, etc, see man 3 GETHOSTBYNAME ) to resolve a string in an address and other related operations.
This group of functions may use several sources like /etc files, dns, nis, nis++, ldap, etc.
The main configuration file is /etc/nsswitch.conf. For the hosts related questions, mine is configured as follow:
hosts: nisplus dns files
So, if the address was not resolved by NIS, then the resolver asks for DNS, and then looking at /etc/hosts.
Yours may be different.
The second part: multiple IPs for the same name; This is quite common and the DNS is aware about multiple answers.
For instance, a dig on www.google.com
returns 4 answers and all are cached. You don't need to take additional steps.
;; ANSWER SECTION:
www.google.com. 335701 IN CNAME www.l.google.com.
www.l.google.com. 148 IN A 18.104.22.168
www.l.google.com. 148 IN A 22.214.171.124
www.l.google.com. 148 IN A 126.96.36.199
www.l.google.com. 148 IN A 188.8.131.52