 | 1 | initial version |
What you're seeing is called "percent encoding". Whatever program is sending the HTTP POST is using percent encoding, and has, for example, percent-encoded the รค character as its two-octet representation in UTF-8 (hex C3 followed by hex A4, as per @grahamb's comment), with those two octets percent-encoded.
Wireshark doesn't do percent-encoding - it's showing you what was in the packet, without percent-encoding it.
When using a different http post sniffer I can see the scandics.
Perhaps that's not a packet sniffer, so that it doesn't capture, and display, raw network packets, which is what Wireshark does. You refer to it as an "http post sniffer"; perhaps it's a proxy sniffer, and perhaps it undoes the percent-encoding to show you what the percent-encoded text represents. What sniffer is it?
