That only shows the domain eg facebook.com, not facebook.com/tracking-script. There's no reason that they can't put all the bad stuff on the same essential, first-party domain needed for the app which makes DNS blocking and viewing not effective.

That's why you can't block youtube ads with DNS, only with a browser-level adblocker because the browser adblocker is able to block the specific paths.

You can view the full encrypted traffic with something like mitmproxy, but there's ways apps can detect or prevent it.