In iptables I am logging certain public IP addresses... say of websites visited from different workstations, depending on destination port number... All this is not really relevant to the question but I am just stating it here so my goals become clear.
Now I want to analyze the data... I only have the IP addresses... What is the best way to get the domain name. OK, I know you can use nslookup and dig but the domain name displayed is possibly the A record in the DNS data which usually is not THE domain name that one is looking for...
I am a little fuzzy about the details... but what I would need is, for example, someone visits cnbc.com, I look at the ip addresses logged and I get all kinds of domains from Amazon web services to facebook.com. The closest domain for which an IP is logged was nbcuni.com...
Is there some "service," API, software, third-party solution, available to get the "closest" recognizable domain name for a given IP?
EDIT: There is another problem... Monitoring systems appear to handle them. Proxy systems (as recommended below) cannot distinguish between URL specified and the URL of contents in the page visited. Or can they? Any URL visited, expressly as specified in the browser or indirectly any URL whose content is displayed in the page will show up as URL visited. Is there a way to distinguish? Through Proxy logs or otherwise?