The Common Names in the certificates for imgbb.com and ibb.co look fine to me. The images are served from a subdomain of ibb.co but the CN for that is included in the Subject Alternate Name field so it should not be an issue.
I wonder if your AV product is decrypting and scanning HTTPS traffic, but isn't handling the SAN certificate properly. These scanning methods effectively "man in the middle" attack the traffic then re-encrypt to send to the browser with a new cert. If the AV only uses the CN in the Subject and doesn't include the SAN field that would explain it.
|