Some research has turned this up from a Chromium bug tracker issue.
Yeah. The extension is derived from the URL. The filename is determined to be "BBoix8aCAAAl9mK.jpg:large", and then sanitized to "BBoix8aCAAAl9mK.jpg-large". During sanitization we replace certain characters in the filename with '-'.
So I'm guessing that's the reason, it's not the website that's adding the extension, it's some kind of URL attribute which gets sanitized to jpg-large by the browser. All in all, looks like the website (here, Twitter, apparently) is misusing the HTTP protocol to store metadata which the browser then fails to interpret sensibly.