The asterisk.conf filter is missing a regex that catches the dial-through attempts that end in the bad-context dialplan section.
These attacks are possible when the PBX accepts unauthenticated SIP calls and Guest is enabled.
That section is pushing a WARNING in the log files with the keywords Friendly Scanner from followed by the attacker IP address.
This is a quick and dirty method to pass the attacker IP address not available in other parts of the dialplan or from Asterisk logs.
The RegEx should be as follows:
^(%(__prefix_line)s|\[\]\s*WARNING%(__pid_re)s:?(?:\[C-[\da-f]*\])? )Ext\. s: Friendly Scanner from <HOST>$
Please restore the regex as it's the only method to ban 5kr1pt k1dd1e5 from poking the PBX.