You need to know, that query parameters (also called CGI parameters, based on an old standard of the 90s) have a special format, where the characters '?', '&', '+', '%' and '=' have a special meaning. Roughly speaking, the format of a URL with query parameters is:

http://hostname:port/path?name1=value1&name2=value2

The ? separates the query parameters from the rest of the URL, the & separates two query parameters from each other, and the = separates the query-name from the query-value. A % sign is used to indicate an "escape sequence" and a +-sign can be used to represent a space inside a name or value. For example a parameter "street" with value "Alan Turing Avenue 42" would be encoded as

?street=Alan+Turing+Avenue+42

That means, if you want to use any of these special characters (and some others) inside the name or value of a query parameter, you need to "URL-encode" it. See HTML URL Encoding Reference (w3schools.com)

In our example, we have a query parameter with the name "$filter" and the value "Account = '800000012341' and Prodtyp = 'EWR'". The = sign needs to be encoded as %3D, leading to the following correct query:

?$format=json&$filter=Account%20%3D%20'800000012341'%20and%20Prodtyp%20%3D%20'EWR'&$expand=NavtoData1%2DNavtoData2

(Note that the algorithm used here, encoded space characters as %20 instead of as a + sign, which is also ok. In general, every character can be encode ("escaped") by %xy, where xy is the hexadecimal value of its ASCII code or its UTF-8 code.)