Python requests: Correct post request parameters for accessing the site's internal page (XHR)

There is a website. You need to get the data from a table located deep inside (in the admin panel). The direct URL can only be used to edit the product card. Then there are the tabs that don't have separate URLs. I understand that all this works on JS.

As far as I could find the information, I need to send a POST request with parameters/header. But stubbornly it is not possible to achieve anything. If you have dealt with the authorization on the site, then you have not dealt with these tabs. I can not understand whether to pass all the data from Request Headers or only some specific ones. Or you also need to pass __RequestVerificationToken or Query String Parameters. I tried different combinations and it was dull. Such requests receive a standard "stub" (HTML page with the text: Our staff has been notified of this error and will resolve the issue in the near future.). Apparently, an exception is triggered:

Expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

This is where you need to break through:

Network shows the following (tokens, etc. reduced):

**General**
Request URL: https://www.site.com/Admin/Product/ProductAttributeCombinationList?productId=6883
Request Method: POST
Status Code: 200 
Remote Address: ip:443
Referrer Policy: no-referrer-when-downgrade

**Response Headers**
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 601199dfac5f15f4-ARN
cf-request-id: 06fede7fc6000015f492188000000001
content-encoding: br
content-type: application/json; charset=utf-8
date: Sun, 13 Dec 2020 18:03:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PFNGmVGuxN%2F%2B2V7g6QRyrSR3MzplfxlDuxWIF1vMFhgRXNg0kNtClCuAPjrto4C%2FsvaUB8vZ2xGzwCRl5QRbXJ3kIafMdp1NBoDRepNm"}],"group":"cf-nel","max_age":604800}
server: cloudflare
set-cookie: Nop.customer=f63da1b3-be41-4bb8-9341-07b5ebcfbcef; expires=Mon, 13-Dec-2021 18:03:15 GMT; path=/; HttpOnly
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

**Request Headers**
:authority: www.site.com
:method: POST
:path: /Admin/Product/ProductAttributeCombinationList?productId=6883
:scheme: https
accept: application/json, text/javascript, */*; q=0.01
accept-encoding: gzip, deflate, br
accept-language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7,uk;q=0.6
content-length: 156
content-type: application/x-www-form-urlencoded; charset=UTF-8
cookie: przvdom=9***5; przvgl=5***a; przv_new_w=1; __RequestVerificationToken=1***1; przvlng=ru; ASP.NET_SessionId=x***a; _ga=GA1.2.1669959674.1606847171; _fbp=fb.1.1606847171381.1968299613; _hjTLDTest=1; _hjid=4ea5c46e-f0ee-4380-8575-e6436bf33422; NopCommerce.RecentlyViewedProducts=RecentlyViewedProductIds=5819&RecentlyViewedProductIds=3792&RecentlyViewedProductIds=5591; __atuvc=20%7C49%2C25%7C50; __cfduid=d***2; przvusr=7**1; _gid=GA1.2.1659529086.1607861115; przvdistance=361; NOPCOMMERCE.AUTH=A***A; Nop.customer=f***f; przvonline=517
dnt: 1
origin: https://www.site.com
referer: https://www.site.com/Admin/Product/Edit/6883
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
x-requested-with: XMLHttpRequest

**Query String Parameters**
productId: 6883

**Form Data**
__RequestVerificationToken: 8***0

The code I use:

import requests

url = 'https://www.site.com/login'
header = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36'}

session = requests.Session()
aut_data = {
     'Email': '[email protected]',
     'Password': 'R****',
     'RememberMe':'true',
}
# Авторизация
post_request = session.post(url, data=aut_data, headers=header)

# Попытка получить данные из вкладки
link = 'https://www.site.com/Admin/Product/ProductAttributeCombinationList?productId=6883'
table = session.post(link, headers=header)
table.encoding = 'utf-8'
print (table.text)

Can someone help me out? Thanks!