I have recently found an issue with Craft Report: if a site is using Verbb's Knock Knock plugin, the public endpoint required by Craft Report to query the site, is redirected to the form used by Knock Knock.
Instead of working around this issue in Craft Report it seemed a more elegant move to fix this in the Knock Knock plugin itself - so I did it. As you can see in this PR, an unprotected URLs feature has been added to Knock Knock. So from now, you can exclude specific URLs from being protected by Knock Knock. As a new version has not been release yet, until that happens, you would need to use the dev-craft-3 version in your composer.json, like this: "verbb/knock-knock": "dev-craft-3 as 184.108.40.206".
After this just navigate to the URLs tab of Knock Knock's settings page and add a new line with /reporter/status to the Unprotected URLs option.