Unfortunately, we are unaware of any other tools like Fiddler that support TLS 1.3. However, Fiddler includes the <client> token and will offer TLS/1.3 if the client does.
With that said, there are different ways a website or mobile application could block a Man-in-the-Middle Attack from Decrypting SSL traffic. The most well-known is is Certificate Pinning. Essentially, if the client-server key-chain is not exact then the traffic cannot be decrypted. This is the most likely cause for not being able to decrypt traffic using Fiddler.
Let me provide an example. I can see that as of today, the domain i.instagram.com from the screenshot provided in the Original Post hasn't enabled the TLS 1.3 or SSLv3 protocols which means these sessions will appears as Tunnels in Fiddler. This is for security reasons.
In the above example, Fiddler is probably not the best tool to use. Fiddler works best when the developer has access to the application source and certificates.
I hope this helps. Please let me know if you have any additional questions. Thank you for using the Fiddler forums.
Eric R | Technical Support Engineer
Do you want to have your say when we set our development plans?
Do you want to know when a feature you care about is added or when a bug fixed?
Telerik Feedback Portal
and vote to affect the priority of the items