Hello Domai,
If I am not wrong you are talking about "Proactive Bot Defense" feature, which is enabled in your DoS profile.
If this is so, then to see blocked requests you need to enable "Log Challenged Requests" in logging profile. Also, in addition, you can enable "Log Legal Requests" too.
About issue in pop-up window... Do you use AJAX request for it? If this is so, then you need to enable "Single Page Application" in "General Settings" of your dos profile.
Do you use only "Proactive Bot Defense" feature or you also use some other Client-Side features like "Web Scraping"?
Is it expected that users of your application have disabled JavaScript?
Thanks, Ivan