`access-control-allow-origin: *`

HTTP header must be sent by your web server (can also be done in some backend), which web server do you use?