Allow Internet Access based on DNS, Outbound Security Group only allow to enter IP Address not DNS name..

Is there any other alternative way to restrict permission/access based on DNS.

Yes, there are several ways. [1] [2] [3]

[1] How to set up an outbound VPC proxy with domain whitelisting and content filtering | AWS Security Blog
https://aws.amazon.com/jp/blogs/security/how-to-set-up-an-outbound-vpc-proxy-with-domain-whitelisting-and-content-filtering/

[2] FAQs - AWS WAF - Amazon Web Services (AWS)
https://aws.amazon.com/waf/faqs/?nc1=h_ls#:~:text=Are%20the%20existing%20matching%20conditions%20compatible%20with%20the%20Rate%2Dbase%20Rule%3F

[3] Cloud firewall - AWS Network Firewall - Amazon Web Services Cloud firewall - AWS Network Firewall - Amazon Web Services https://aws.amazon.com/network-firewall/?nc1=h_ls&whats-new-cards.sort-by=item.additionalFields.postDateTime&whats-new-cards.sort-order=desc#:~:text=Flexible%20protection%20through%20fine%2Dgrained%20controls

Further, I have tried to find out the IP addresses of the websites allowed in Outbound security group some does work others doesn't.

It is difficult to answer the above question because we do not know the details of the event.