Test simulating C&C communication

Question

Hi everyone. 
 Testing a XG device with http://www.cpcheckme.com/checkme/ I have had trying to validate the second one test called " Command & Control Communication ". 
 
 I have the latest firmware version and active IPS malware signatures for malware-backdoor, malware-cnc, malware-other, browser-x options and exploit-kit. Besides, it's actived ATP, and web filter (command and control category) but is not detected. 
 This validation is posted in C&C Communication: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk115236 
 CheckMe simulates this test by posting:

creditcard=1234&expyear=2017&ccv=123&pin=1234

to:

http://www.cpcheckme.com/check/testsAssets/post.html 
 
 What is the best option to detect this test ? 
 Thank you, 
 Juan Carlos

LuCar Toni · Accepted Answer

Mh - I am not quite sure, but this domain / service is provided by checkpoint. 
 
 cpcheckme.com - Whois: 
 Check Point Software Technologies Ltd. 
 5 Hasolelim St. 
 Tel Aviv 
 
 Maybe this is build to actively build to avoid other vendors. 
 Btw: i would guess, those creditcard numbers are not be checked, because they are invalid. 
 No creditcard looks like this: creditcard=1234&expyear=2017&ccv=123&pin=1234 
 https://www.snort.org/faq/readme-sensitive_data 
 This is the Snort rule for CCLs. Snort actually check for valid data. 
 
 Just my guess about the Creditcard part. 
 
 The question is, how will the other parts be tested? If its the same process like in the first one - From my perspective, that are not valid tests.