Squid - Zero sized reply

debug_options ALL,1 rotate=1
logfile_rotate 0

cache_mgr admin@domain.ru
visible_hostname squid.domain.ru

http_port 10.1.16.19:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=64MB cert=/etc/squid/ssl/ca-squid.domain.ru.pem

server_persistent_connections off
client_persistent_connections off

cache_effective_user squid
cache_effective_group squid

# ICAP ACL
acl icap_whitelisted dstdomain "/etc/squid/lists/icap_domains_whitelisted.txt"

# ICAP scanning
icap_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_encode off
icap_client_username_header X-Authenticated-User
icap_connect_timeout 1 second
icap_preview_enable on
icap_preview_size 1024
icap_206_enable on
icap_persistent_connections on

icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_req deny icap_whitelisted
adaptation_access service_req allow all

icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_resp deny icap_whitelisted
adaptation_access service_resp allow all

forwarded_for off
httpd_suppress_version_string on

### Error messages ###
error_directory /etc/squid/errors/ru

### Cache options ###
cache_mem 1024 MB
cache deny all

auth_param basic program /opt/squid/libexec/basic_pam_auth -n squid -t 300 -o
auth_param basic children 30 startup=5 idle=5
auth_param basic credentialsttl 10800 seconds
auth_param basic realm squid.domain.ru

auth_param negotiate program /opt/squid/libexec/negotiate_kerberos_auth -r -s GSS_C_NO_NAME
auth_param negotiate children 100 startup=10 idle=10
auth_param negotiate keep_alive on

authenticate_cache_garbage_interval 1 hour
authenticate_ttl 1 hour

external_acl_type squid_ldap ttl=30 negative_ttl=30 children-max=100 children-startup=10 children-idle=5 %LOGIN /opt/squid/libexec/ext_ldap_group_acl -b "OU=Пользователи,DC=domain,DC=ru" -s sub -D CN=service_ldap_ro,CN=Users,DC=domain,DC=ru -W /etc/squid/ldap.password -R -H ldap://192.168.192.18 -v 3 -S -K -f "(&(sAMAccountName=%u)(memberOf=%g))"
acl proxy_full_access external squid_ldap CN=proxy_full_access,OU=Proxy,OU=Groups,DC=domain,DC=ru
acl proxy_email_access external squid_ldap CN=proxy_email_access,OU=Proxy,OU=Groups,DC=domain,DC=ru
acl proxy_hr_access external squid_ldap CN=proxy_hr_access,OU=Proxy,OU=Groups,DC=domain,DC=ru
acl proxy_no_access external squid_ldap CN=proxy_no_access,OU=Proxy,OU=Groups,DC=domain,DC=ru
acl proxy_no_access_expired external squid_ldap CN=Expired_Passwords,OU=Groups,DC=domain,DC=ru

### Delay Pools ###
delay_pools 1
delay_class 1 4
delay_access 1 deny all
delay_parameters 1 -1/-1 -1/-1 -1/-1 8000/16000

### File lists ###
include "/etc/squid/lists.conf"

### File ACLs ###
## Lists ##
acl lists_block_dom dstdomain "/etc/squid/lists/domains_blocked.txt"
acl lists_fun_dom dstdomain "/etc/squid/lists/domains_fun.txt"
acl lists_job_dom dstdomain "/etc/squid/lists/domains_job.txt"

## Custom Lists ##
acl domains_whitelisted dstdomain "/etc/squid/lists/domains_whitelisted.txt"
acl domains_ssl_direct dstdomain "/etc/squid/lists/domains_ssl_direct.txt"
acl domains_mail dstdomain "/etc/squid/lists/domains_mail.txt"
acl domains_no_auth dstdomain "/etc/squid/lists/domains_no_auth.txt"
acl ip_ssl_direct dst "/etc/squid/lists/ip_ssl_direct.txt"

# SSL exceptions
acl domains_ssl_error dstdomain "/etc/squid/lists/domains_ssl_error.txt"

# SSL Proxying
ssl_bump none domains_ssl_direct
ssl_bump none ip_ssl_direct
ssl_bump client-first domains_ssl_error
ssl_bump server-first all
#sslproxy_flags DONT_VERIFY_PEER
sslproxy_cert_error allow domains_ssl_error
sslproxy_cert_error deny all
sslcrtd_program /opt/squid/libexec/ssl_crtd -s /etc/squid/ssl/ssl_db -M 128MB
sslcrtd_children 50 startup=10 idle=10
always_direct allow all

### Port based ACLs ###
acl ports_allowed port 20
acl ports_allowed port 21
acl ports_allowed port 80
acl ports_allowed port 443
acl ports_allowed port 9000

acl ports_connect port 443
acl ports_connect port 9000

### Time period ACLs ###
acl time_fun time MTWHF 13:00-14:00 18:30-23:00
acl time_blocked time MTWHF 23:00-23:59 00:00-8:00
acl time_weekends time SA 00:00-23:59

### Other ACLs ###
acl net_domain src 10.0.0.0/8
acl net_domain src 192.168.20.0/24

acl method_connect method CONNECT
acl proxy_authorized proxy_auth REQUIRED

### Access lists ###
http_access deny !net_domain
http_access allow domains_no_auth ports_allowed
http_access deny !proxy_authorized
http_access deny proxy_no_access
http_access deny proxy_no_access_expired
#http_access deny !proxy_full_access time_blocked
http_access deny !proxy_full_access !time_fun lists_fun_dom
http_access deny !proxy_full_access lists_block_dom !domains_whitelisted
http_access deny !proxy_email_access !proxy_full_access !domains_whitelisted lists_mail_dom
http_access deny !proxy_hr_access !proxy_full_access lists_job_dom
http_access deny method_connect !ports_connect
http_access deny !ports_allowed
http_access allow all

deny_info https://support.domain.ru/pass_change proxy_no_access_expired

### Other parameters ###
access_log stdio:/var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log none

logfile_rotate 90
mime_table /etc/squid/mime.conf

request_header_max_size 20 KB
request_body_max_size 0 KB

via off

shutdown_lifetime 3 seconds

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ru-RU
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Accept-Encoding: gzip, deflate
Pragma: no-cache
Host: standartmedia.ru
X-Forwarded-For: unknown
Cache-Control: max-age=259200
Connection: keep-alive