Hello once again!

I did some google image search on icelandic stuff and there was one picture that was seemingly video thumbnail under domain “tritontv.com”, which trought Googling seemed legit video site so I went trought clicking thumbnail image. When placing cursor on the image the exact domain seemed to be “-www.tritontv.com/stirða”, but when I clicked “view page”, it sent me to “-http://www.perfecttranslator.com/stirða”, which seemed to be other legit website, providing some japanese/english translations. Both tritontv.com and perfecttranslator.com seemed clean with Sucuri Sitecheck (exept triton.tv having outdate Wordpress). I got back to Google image search and clicked “view image” and the picture itself showed it was a Youtube thumbnail image, and I found the said video from Youtube later on, and Youtube’s video had same description as the google image.

All these search results seem to make same redirect, making the last word of the domain into translated word at perfecttranslator.com
https://www.google.fi/search?q=site:tritontv.com&ie=utf-8&oe=utf-8&gws_rd=cr&ei=5B4lVrnAHOGeywP-gJbIDw

This is also rather interesting, compare links under “Sitecheck results” and “Website details”
https://sitecheck.sucuri.net/results/www.tritontv.com/wanted

Here’s seperate results for above-mentioned two domains:

https://sitecheck.sucuri.net/results/tritontv.com

https://sitecheck.sucuri.net/results/www.perfecttranslator.com/

Can anyone make anything out of this? :-\

Edit: I managed to find this https://www.xssposed.org/incidents/82488/

When inserting link under “Vulnerable URL” to Sucuri, it blocks the site saying XSS attack was blocked. When I briefly visited perfecttranslate.com Noscript didn’t alert any XSS attacks.