diff --git a/Subdominator/SubdomainHijack.cs b/Subdominator/SubdomainHijack.cs
index a477b71..5e618cd 100644
--- a/Subdominator/SubdomainHijack.cs
+++ b/Subdominator/SubdomainHijack.cs
@@ -438,7 +438,18 @@ public async Task<TakeoverResult> IsDomainVulnerable(string domain, bool validat
             // If we didn't get NXDOMAIN'd
             if (response != null)
             {
-                responseBody = await response.Content.ReadAsStringAsync();
+                try
+                {
+                    responseBody = await response.Content.ReadAsStringAsync();
+                }
+                catch (InvalidOperationException)
+                {
+                    // Fallback when an invalid charset is specified in the
+                    // response headers. Read as bytes and assume UTF8 to avoid
+                    // crashing. See GH issue #11.
+                    var bytes = await response.Content.ReadAsByteArrayAsync();
+                    responseBody = Encoding.UTF8.GetString(bytes);
+                }
 
                 // Check if HTTP status matches the fingerprint
                 if (fingerprint.HttpStatus.HasValue && (int)response.StatusCode == fingerprint.HttpStatus.Value)