diff --git a/baddns/signatures/nucleitemplates_worksites-takeover.yml b/baddns/signatures/nucleitemplates_worksites-takeover.yml
new file mode 100644
index 00000000..85fce19e
--- /dev/null
+++ b/baddns/signatures/nucleitemplates_worksites-takeover.yml
@@ -0,0 +1,17 @@
+identifiers:
+  cnames: []
+  ips: []
+  nameservers: []
+  not_cnames: []
+matcher_rule:
+  matchers:
+  - dsl:
+    - Host != ip
+    type: dsl
+  - regex:
+    - (?:Company Not Found|you’re looking for doesn’t exist)
+    type: regex
+  matchers-condition: and
+mode: http
+service_name: worksites takeover detection
+source: nucleitemplates
diff --git a/baddns/signatures/signature_history.txt b/baddns/signatures/signature_history.txt
index 60699ec1..d3068ca9 100644
--- a/baddns/signatures/signature_history.txt
+++ b/baddns/signatures/signature_history.txt
@@ -43,3 +43,4 @@ a27cb2b846c49c85f8cf9d9c70e32661034cf171060d0cc5c63d784d38ead7f0 #dnsreaper_gith
 d095bc12534247d29aac9374be12c25e3cc0fb2e518a98955755ebdde99506d7 #nucleitemplates_flexbe-takeover.yml
 d19fa7533f4df924686ef711baa83dbb115dd0904920792f7b3a530c98b355e2 #dnsreaper_nsone.yml
 0ad4ff1670e5082368bc9b34414a774e03fe3e13c77a796347b48b9dca74d9d4 #dnsreaper_hostinger.yml
+fad3c33286d3486c891503d8fbe64db4faf73e9d10a8fd1c035638ee8ea34eca #nucleitemplates_worksites-takeover.yml