In that case I'm a bit confused what could be the cause
1. Same browser
2. Same Windows server host
3. Same JDK for server
4. Same DB/schema
5. Same DB drivers/module
6. Same APEX.war
7. Different AS server version
Did you check the URIEncoding?
But to prevent IDN Spoofing the browser should encode the special characters in the URLs. So I guess the behaviour in my environment is correct.
Which browser are you using? Maybe you check the related parameters.
I understand there had been an issue in Internet Explorer 7 that the 'Turn off sending URLs as UTF-8' setting was behaving in the opposite manner as described (Article ID: 925261).
Maybe the correction to this bug had been applied in between. So if you are using IE I would suggest to check this setting.