IANAL, but I have spent a lot of time reading the GDPR and associated guidance as the DPO for my small company.
As I understand it, you're correct. The Data Controller (Google) is responsible for getting consent, and the Data Processors (the third parties in this case) don't have to get consent themselves.
However, assuming Google's legal basis for processing your personal data is based on consent (rather than fulfillment of a contract or one of the other legal bases), then Google is required to get your unambiguous, opt-in, and non-coerced consent for each specific way your personal data will be used.
It seems likely that Google is covering themselves by acting as a Data Processor, not Data Controller, and the web site using Google is the actual Data Controller. In that case, the web site, not Google, is the one responsible for getting consent.
As I understand it, you're correct. The Data Controller (Google) is responsible for getting consent, and the Data Processors (the third parties in this case) don't have to get consent themselves.
However, assuming Google's legal basis for processing your personal data is based on consent (rather than fulfillment of a contract or one of the other legal bases), then Google is required to get your unambiguous, opt-in, and non-coerced consent for each specific way your personal data will be used.
It seems likely that Google is covering themselves by acting as a Data Processor, not Data Controller, and the web site using Google is the actual Data Controller. In that case, the web site, not Google, is the one responsible for getting consent.