Here is the url: [now hidden]
If you click "login" at the top right, there is a popup which you will notice has no css. However if you load the source of the iframe and look at the network tab the css files have a type of text/html. How do I fix this? Is this an IIS setting?
Use this url: [now hidden] for testing.
This is a url on our production site that works! [now hidden]
* Edit *
Sorry I have to hide the URL's
Solved it was a web.config issue where the themes folder was not marked as "ignore SSL"