Use this little website to test if a URL is setup correctly to work with CORS.
Shareable link: https://cors-test.codehappy.dev/?method=get&origin=https%3A%2F%2Fcors-test.codehappy.dev%2F&url=https%3A%2F%2Fmojobus.org%2F.well-known%2Fnostr.json
It does not have the access-control-allow-origin header set to *. Without this header, requests from other domains cannot be made to it via a users browser.
If you have access to the server for the URL, you'll need to modify it to add the access-control-allow-origin header. If you do not have access, you'll need to upload the file somewhere else.
These are the response headers received when making the request.
accept-ranges: bytes
cf-cache-status: DYNAMIC
cf-ray: a13b83d26db8fad4-CMH
connection: close
content-length: 111
content-type: application/json
date: Tue, 30 Jun 2026 07:39:03 GMT
etag: "6747587c-6f"
last-modified: Wed, 27 Nov 2024 17:35:56 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hxog3oQNnFxe4XMBQcL8XEheY7SAVAwL1B1Yz%2BZvlBcPfnlfmBg7IfpiNTsJZU1Ha9Zv1hHHXrsyOtkgBC8%2BVM7bCC3ym79hC6hHUHhUb2NyYSnl5BdIJqgoR0bfeq6d7JH609pQ2r%2Fwng%3D%3D"}]}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: centminmod
x-xss-protection: 1; mode=block
CORS tester was built by @mscccc. The code is available on GitHub. Sponsored by HTML/CSS to Image.