import re

# Exemple de log contenant des activités suspectes
log_data = """
192.168.1.1 - - [28/May/2024:10:32:55 +0000] "GET /index.html HTTP/1.1" 200 2326
192.168.1.2 - - [28/May/2024:10:33:12 +0000] "GET /login.php?username=admin&password=admin HTTP/1.1" 200 1420
192.168.1.3 - - [28/May/2024:10:34:23 +0000] "POST /transfer.php HTTP/1.1" 200 5320
192.168.1.4 - - [28/May/2024:10:35:00 +0000] "GET /scam_offer HTTP/1.1" 200 221
"""

# Mots-clés ou motifs pour détecter des scams
scam_patterns = [
    re.compile(r'scam_offer'),
    re.compile(r'login\.php\?username=admin&password=admin'),
    re.compile(r'transfer\.php')
]

# Fonction pour détecter des scams dans les logs
def detect_scams(log_data, patterns):
    lines = log_data.split('\n')
    scam_lines = []
    for line in lines:
        for pattern in patterns:
            if pattern.search(line):
                scam_lines.append(line)
                break
    return scam_lines

scam_activities = detect_scams(log_data, scam_patterns)
print("Detected scam activities:")
for activity in scam_activities:
    print(activity)