Why CloudFront does not return Access-Control-Allow-Origin

amazon-cloudfront

I'm trying to figure out why my CloudFront distribution does not cache / send through Access-Control-Allow-Origin.

When I curl my website:

    HTTP/1.1 200 OK
    Date: Sat, 03 Mar 2018 07:42:01 GMT
    Content-Type: application/font-woff2
    Content-Length: 77160
    Connection: keep-alive
    Set-Cookie: __cfduid=dda822a428a2dddb9113bbd425dba93e91520062921; expires=Sun, 03-Mar-19 07:42:01 GMT; path=/; domain=.flexrc.com; HttpOnly
    Last-Modified: Fri, 02 Mar 2018 03:01:32 GMT
    ETag: "5a98be8c-12d68"
    Access-Control-Allow-Origin: *
    CF-Cache-Status: HIT
    Expires: Sat, 03 Mar 2018 11:42:01 GMT
    Cache-Control: public, max-age=14400
    Accept-Ranges: bytes
    Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    Server: cloudflare
    CF-RAY: 3f5a76ca7ddd3b50-YVR

But when I curl the CloudFront file:

    HTTP/1.1 200 OK
    Content-Type: application/octet-stream
    Content-Length: 66624
    Connection: keep-alive
    Date: Sat, 03 Mar 2018 03:13:25 GMT
    Last-Modified: Sun, 21 Feb 2016 22:02:50 GMT
    ETag: "56ca340a-10440"
    CF-Cache-Status: HIT
    Expires: Sat, 03 Mar 2018 07:13:25 GMT
    Cache-Control: public, max-age=14400
    Accept-Ranges: bytes
    Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    Server: cloudflare
    CF-RAY: 3f58ed5738b09668-SJC
    X-Cache: RefreshHit from cloudfront
    Via: 1.1 f42a8d19b16850af801ce5662fc9fdab.cloudfront.net (CloudFront)
    X-Amz-Cf-Id: HBJgB_UBz1pKdUQf-08bsZDXGE3Cv9GD6X9e3aUx_R8ejPdlQxGD8g==

In "Edit Behavior", for "Cache Based on Selected Request Headers", I've added a whitelist for Origin and Access-Control-Allow-Origin.

I've also invalidated the object several times, and I waited for the progress to finish on the distribution.

I'm not using S3.

I've also checked "Setting Access-Control-Allow-Origin on Cloudfront", but it didn't help me.

Any advice is appreciated.


Best Answer

Try purging your CloudFront cache before retesting - the entire response is cached, including headers. I'm guessing what happened is:

  1. ACAO for CF was turned off
  2. curl made to CF - pulled response without ACAO into cache
  3. setting was changed to enable ACAO
  4. request was made - HIT in CF so the setting change was not reflected.

As a result, if you purge the cache and retry, you will get a new cache object generated with the proper headers.
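
The sequence in the answer above, replayed against a toy edge cache. This is an added example, not part of the original answer and not CloudFront's implementation; the class names, the path `/font.woff2` and the two origins are constructed. It also shows that a request with a different whitelisted `Origin` value gets its own cache entry, so results can differ between clients before the purge.

```python
# Added example: toy edge cache, not CloudFront's implementation.
# Names (Origin, EdgeCache, /font.woff2, example origins) are constructed.

class Origin:
    """Stand-in origin server; send_acao models its CORS setting."""
    def __init__(self):
        self.send_acao = False

    def fetch(self, path):
        headers = {"Content-Type": "application/font-woff2"}
        if self.send_acao:
            headers["Access-Control-Allow-Origin"] = "*"
        return headers


class EdgeCache:
    """Caches whole responses; key = path + whitelisted request headers."""
    def __init__(self, origin, whitelist):
        self.origin = origin
        self.whitelist = [h.lower() for h in whitelist]
        self.store = {}

    def get(self, path, request_headers):
        sent = {k.lower(): v for k, v in request_headers.items()}
        key = (path, tuple(sent.get(h) for h in self.whitelist))
        if key in self.store:
            return "Hit", self.store[key]        # stored headers replayed as-is
        self.store[key] = self.origin.fetch(path)
        return "Miss", self.store[key]

    def invalidate(self, path):
        self.store = {k: v for k, v in self.store.items() if k[0] != path}


def replay_answer_steps():
    origin = Origin()                              # step 1: ACAO off
    edge = EdgeCache(origin, whitelist=["Origin"])
    site = {"Origin": "https://www.example.com"}
    other = {"Origin": "https://other.example.com"}
    seen = [edge.get("/font.woff2", site)]         # step 2: cached without ACAO
    origin.send_acao = True                        # step 3: setting enabled
    seen.append(edge.get("/font.woff2", site))     # step 4: Hit, still no ACAO
    seen.append(edge.get("/font.woff2", other))    # new key -> fresh fetch
    edge.invalidate("/font.woff2")                 # purge
    seen.append(edge.get("/font.woff2", site))     # regenerated with ACAO
    return [(state, "Access-Control-Allow-Origin" in h) for state, h in seen]


if __name__ == "__main__":
    for state, has_acao in replay_answer_steps():
        print(f"{state:4}  ACAO present: {has_acao}")
```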