diff --git a/pkg/services/object/get/util.go b/pkg/services/object/get/util.go
index 08c738280..a68232c9a 100644
--- a/pkg/services/object/get/util.go
+++ b/pkg/services/object/get/util.go
@@ -87,7 +87,6 @@ func (c *clientCacheWrapper) get(info coreclient.NodeInfo) (getClient, error) {
 	}, nil
 }
 
-// nolint: funlen
 func (c *clientWrapper) getObject(ctx context.Context, exec *execCtx, info coreclient.NodeInfo) (*object.Object, error) {
 	if exec.isForwardingEnabled() {
 		return exec.prm.forwarder(info, c.client)
@@ -99,79 +98,87 @@ func (c *clientWrapper) getObject(ctx context.Context, exec *execCtx, info corec
 	}
 
 	if exec.headOnly() {
-		var prm internalclient.HeadObjectPrm
-
-		prm.SetContext(ctx)
-		prm.SetClient(c.client)
-		prm.SetTTL(exec.prm.common.TTL())
-		prm.SetNetmapEpoch(exec.curProcEpoch)
-		prm.SetAddress(exec.address())
-		prm.SetPrivateKey(key)
-		prm.SetSessionToken(exec.prm.common.SessionToken())
-		prm.SetBearerToken(exec.prm.common.BearerToken())
-		prm.SetXHeaders(exec.prm.common.XHeaders())
-
-		if exec.isRaw() {
-			prm.SetRawFlag()
-		}
-
-		res, err := internalclient.HeadObject(prm)
-		if err != nil {
-			return nil, err
-		}
-
-		return res.Header(), nil
+		return c.getHeadOnly(ctx, exec, key)
 	}
 	// we don't specify payload writer because we accumulate
 	// the object locally (even huge).
 	if rng := exec.ctxRange(); rng != nil {
-		var prm internalclient.PayloadRangePrm
-
-		prm.SetContext(ctx)
-		prm.SetClient(c.client)
-		prm.SetTTL(exec.prm.common.TTL())
-		prm.SetNetmapEpoch(exec.curProcEpoch)
-		prm.SetAddress(exec.address())
-		prm.SetPrivateKey(key)
-		prm.SetSessionToken(exec.prm.common.SessionToken())
-		prm.SetBearerToken(exec.prm.common.BearerToken())
-		prm.SetXHeaders(exec.prm.common.XHeaders())
-		prm.SetRange(rng)
-
-		if exec.isRaw() {
-			prm.SetRawFlag()
-		}
-
-		res, err := internalclient.PayloadRange(prm)
-		if err != nil {
-			var errAccessDenied *apistatus.ObjectAccessDenied
-			if errors.As(err, &errAccessDenied) {
-				// Current spec allows other storage node to deny access,
-				// fallback to GET here.
-				obj, err := c.get(ctx, exec, key)
-				if err != nil {
-					return nil, err
-				}
-
-				payload := obj.Payload()
-				from := rng.GetOffset()
-				to := from + rng.GetLength()
-
-				if pLen := uint64(len(payload)); to < from || pLen < from || pLen < to {
-					return nil, new(apistatus.ObjectOutOfRange)
-				}
-
-				return payloadOnlyObject(payload[from:to]), nil
-			}
-			return nil, err
-		}
-
-		return payloadOnlyObject(res.PayloadRange()), nil
+		// Current spec allows other storage node to deny access,
+		// fallback to GET here.
+		return c.getRange(ctx, exec, key, rng)
 	}
 
 	return c.get(ctx, exec, key)
 }
 
+func (c *clientWrapper) getRange(ctx context.Context, exec *execCtx, key *ecdsa.PrivateKey, rng *object.Range) (*object.Object, error) {
+	var prm internalclient.PayloadRangePrm
+
+	prm.SetContext(ctx)
+	prm.SetClient(c.client)
+	prm.SetTTL(exec.prm.common.TTL())
+	prm.SetNetmapEpoch(exec.curProcEpoch)
+	prm.SetAddress(exec.address())
+	prm.SetPrivateKey(key)
+	prm.SetSessionToken(exec.prm.common.SessionToken())
+	prm.SetBearerToken(exec.prm.common.BearerToken())
+	prm.SetXHeaders(exec.prm.common.XHeaders())
+	prm.SetRange(rng)
+
+	if exec.isRaw() {
+		prm.SetRawFlag()
+	}
+
+	res, err := internalclient.PayloadRange(prm)
+	if err != nil {
+		var errAccessDenied *apistatus.ObjectAccessDenied
+		if errors.As(err, &errAccessDenied) {
+			obj, err := c.get(ctx, exec, key)
+			if err != nil {
+				return nil, err
+			}
+
+			payload := obj.Payload()
+			from := rng.GetOffset()
+			to := from + rng.GetLength()
+
+			if pLen := uint64(len(payload)); to < from || pLen < from || pLen < to {
+				return nil, new(apistatus.ObjectOutOfRange)
+			}
+
+			return payloadOnlyObject(payload[from:to]), nil
+		}
+		return nil, err
+	}
+
+	return payloadOnlyObject(res.PayloadRange()), nil
+}
+
+func (c *clientWrapper) getHeadOnly(ctx context.Context, exec *execCtx, key *ecdsa.PrivateKey) (*object.Object, error) {
+	var prm internalclient.HeadObjectPrm
+
+	prm.SetContext(ctx)
+	prm.SetClient(c.client)
+	prm.SetTTL(exec.prm.common.TTL())
+	prm.SetNetmapEpoch(exec.curProcEpoch)
+	prm.SetAddress(exec.address())
+	prm.SetPrivateKey(key)
+	prm.SetSessionToken(exec.prm.common.SessionToken())
+	prm.SetBearerToken(exec.prm.common.BearerToken())
+	prm.SetXHeaders(exec.prm.common.XHeaders())
+
+	if exec.isRaw() {
+		prm.SetRawFlag()
+	}
+
+	res, err := internalclient.HeadObject(prm)
+	if err != nil {
+		return nil, err
+	}
+
+	return res.Header(), nil
+}
+
 func (c *clientWrapper) get(ctx context.Context, exec *execCtx, key *ecdsa.PrivateKey) (*object.Object, error) {
 	var prm internalclient.GetObjectPrm