This is an error that can only happen on the incoming leg of a call! That leg could be the leg from an extension, but extensions shouldn’t be in the context from-did.
If this really was an outgoing call, you have the outgoing trunk looped back to the originating Asterisk.
Unless you have users with Israeli IP addresses, these are incoming calls, almost certainly from someone attempting toll fraud by making you pay for calls to premium numbers from which they get revenue. If you do have extensions with Israeli public IP addresses, those extensions have not been configured into the system.
You should disable anoymous calls.
You should configure your firewall to only accept incoming SIP traffic from networks from which you actually expect it, e.g. your service provider.
If possible, you should switch to TLS or TCP.
If that is not possible but using a custom port number is possible, you should change to a port number completely unrelated to 5060.
You should consider enabling fail2bin, which will help rate limit attacks.
Thank you for providing security tips, we know how to secure the system. currently now we are working on Outgoing calls and because of that everything allowed.
Other than one call to extension 100 from a queue, there are no calls in the log with from-internal context. Perhaps your device is misconfigured and is not sending the call to Asterisk. What do you hear? What does the device display show? Can you call from one extension to another?