depending on your web server or host config.
.htaccess file
Header set Access-Control-Allow-Origin "*"
Discussion
it looks like you're using netlify?
https://stackoverflow.com/questions/62507022/how-to-enable-cors-on-a-netlify-deployment
I’ma zap the hell outta you if this works
also, redirects (308, etc) are not permitted as per security standards of nip05. this is a simple dumb thing that tripped me up. clients are instructed not to follow redirects. that will yield a red herring CORS issue
also, if this well known json will rarely change, set cache control for aggressive dns/client caching. will save you 100-1000x bandwidth