Based on the fact that it contains "binary" characters (those > 0x7F), it's likely it was encrypted before being stored in the cookie. If the site wanted to encode it in a way that was publicly readable they could have used any number of ASCII-only encoding schemes. It seems they deliberately obscured the email address to make it publicly unreadable from the cookie, while allowing them to decrypt it using a key only they know.
If you want to be exhaustive in your search for a possible encoding format, you need to interpret the characters using different character sets. In this case though it's unlikely any character set would make sense: the email address stored is almost certainly ASCII-only, so only a non-ASCII compatible character set would generate that type of output. UTF-16 and UTF-32 are possibilities though, if the email address was short.
46476cf87e06f153fe4610e054b39582424bd9d394bcaee1
(or in binary (010001100100011101101100111110000111111000000110111100010101001111111110010001100001000011100000010101001011001110010101100000100100001001001011110110011101001110010100101111001010111011100001
). They just URL encoded the non-printable ASCII bytes. – dr jimbob Mar 24 '14 at 23:492f476cf87e06f153fe4610e054b39582424bd9d394bcaee1
hex string. By URL encoding, I just mean percent encoding -- the encoding scheme where you specify some bytes (unprintable ascii, or otherwise want to be avoided) with a % followed by two hexadecimal characters. See: http://en.wikipedia.org/wiki/Percent-encoding – dr jimbob Mar 26 '14 at 20:34/Glø~ñSþFàT³BKÙÓ¼®á
as its not UTF-8 (doesn't have right form), so the browser defaults to ISO-8859-1. Note your string is actually 24 characters long, though 5 are invisible. For a gentle introduction to encoding see: http://www.joelonsoftware.com/articles/Unicode.html – dr jimbob Mar 26 '14 at 20:40Dr jimbob - I've used JavaScript unescape() Function to change %2FGl%F8%7E%06%F1S%FEF%10%E0T%B3%95%82BK%D9%D3%94%BC%AE%E1 to this: /Glø~ñSþFàT³BKÙÓ¼®á
– Mateusz Mar 27 '14 at 13:59