Can anyone help us with a mystery that is driving us mad?

We are a UK charity getting visits to our site from thousands of visitors all over Spain and Latin America. They are all being referred from and following a referral that is typically something like /ajax/emu/end.php . There are a number of different variants, all with demographic coding like 'fem25-34' . The visitors spend only a few seconds on our site before bouncing out (though a few of them try to translate the site from Spanish into English!).

Our conclusion so far is someone is running a Facebook ad campaign which, for some reason, links through to our home page. People click through, realise immediately this isn't what they want and leave. We don't have any ads running with Facebook and never have.

Could this be a simple error or is something more dodgy going on? Or is there a completely different explanation we are missing? Any help really appreciated.