Note that this is not officially stated by Youtube, but reported by users and proven on youtube site itself.
Youtube probably somewhere around apple keynote event updated their URL system, now working in JSON.
This broke all apps from youtube-dl through 3rd party youtube clients to youtube video and music download/ripping sites (those that actually just passed the webm link to video file on google) and now uses some authentication methods (based on my IP, timeout and other things being in the URL)
The most notable mentions are as said youtube-dl, whose hotfix has as of writing this already been published, but no tested version - bugs expected -
NewPipe (3rd party youtube client I am personally using!
and onlinevideoconverter.com/ytmp3.cc and others.
It is predicted that this update was intentional on breaking the download sites, instead of just better security for direct video files.
From: https://github.com/TeamNewPipe/NewPipe/issues/2615