Gotten aware of this due to a cross-posting in the Automic/CA forums, and being a curious person:
My guess after some short digging, someone has used the https://www.po.st URL shortener service. They offer vanity URLs for their shortener service, cainc.to probably being one of them. That server seems to try to dish out the certificate that's only valid for po.st and it's wildcard sibling, also for requests for cainc.to.
This is, however, an educated guest, since some of the whois records for some of the domains and IPs are not as clear as mandated.
If I were CA, I'd investigate whether I have a business relationship with po.st (the fact that someone presumably paid for the vanity URL cainc.to seems to suggest this), and then I'd go to them and have them fix their SSL setup, because delivering SSL certificates for the wrong domain makes an awful impression.
Just my $0.02