It’s encoding. It represents characters, which could be volatile, as benign strings.

A good example of this is < and > characters. Left as they are could easily break an HTML web page or XML document. Encoded, they are harmless.

When *we* see them, it’s because decoding failed or the page didn’t load correctly.