If I put the url in code tags (and url decode to get rid of the %20 etc.) that will make the posting more readable.
http://www.natappdata.co.uk/indicia/index.php/services/data/cache_taxon_searchterm?
callback=jQuery1820981551069766283_1442409674762 &
q=avo &
limit=21 &
timestamp=1442416577943 &
orderby=searchterm_length, original, preferred_taxon &
mode=json &
qfield=searchterm &
auth_token=96a132414e292e8ee3587a00333f630bf9daaa13 &
nonce=b8387f15094231634a7e3201ae19ad94da7369b1 &
taxon_list_id=2 &
query={"where":["(simplified='t' or simplified is null)"]} &
_=1442416577943
The callback name is not important but might indicate different versions of jQuery in use which we may want to keep in mind.
However, a response of unauthorised says to me that there is an authentication problem. Either this website does not have permissions to taxon_list_id = 2 or the auth_token and nonce have expired in some way is my guess.
Jim Bacon.