Your domain has been published online in different malware samples by various people around June/July 2015. Victims of this malware probably Cryptowall are unknowingly making connection attempts to your domain. I checked your logs and I see over 400 different IP's attempting to make that similar POST request with the "e5.php" file within a 24-hour period . These IP's are coming from all over the world. This kind of behavior is indicative of the malware attempting to "phone home" or call back to a command and control server. It appears you patched over the vulnerability so now the traffic is still coming to your site, but the requests are being denied since that file does not exist. You will want to work with GoDaddy by reporting this information and linking this support post as well as those access logs. Probably, your best solution if possible is to move away from this domain. GoDaddy might have other suggestions, but from my perspective as long as that domain is up you will be receiving this same traffic for awhile. Your domain may get blacklisted or receive negative reputation in the future for being associated with this activity so it's probably smarter to just move on from this domain.
References:
https://malwr.com/analysis/YWUxZmNhMGFmOTY3NDhkYTliZDExYTJkYmEyYmFhN2Q/
https://www.hybrid-analysis.com/sample/f27e7bd5ff01e213ecac0c873a02458ebac3c49d9bc8d2f18abb71973fbcd85c?environmentId=3
https://www.threatcrowd.org/domain.php?domain=mggproperties.com