Funny, I tried with other browsers than IE11, and it's not working with them. The response is blocked because of the Access-Control-Allow-Origin only allowing "http://www.mywebbnerd.com". Why this works in IE and not in other browser is beyond me, I thought the CORS mechanism was server-side.
edit: Ok, after a bit of reading, it seems that CORS is only for a user's safety... so I guess that it makes sense that it only works in IE. Turns out the Origin request is not set by IE (in my scenario at least), thus the Access-Control-Allow-Origin has no effect.