I mentioned this in #ooni IRC and Arturo explained what was going on. I'm making a post so I have something to link to in code comments.

The tcp_connect nettest is now reporting reachability of Tor Browser default bridges and directory authorities. One of these bridges, host:128.105.214.161 port:8080 nickname:wisctorbridge02 protocol:fte is being sanitized in published reports (its address is removed and replaced with its hashed fingerprint).

For example, see https://s3.amazonaws.com/ooni-public/sanitised/2016-12-14/20161213T003954Z-P... There is only one line that starts with {"test_keys":{"bridge_hashed_fingerprint":... For all the other targets, the "input" key looks something like "fte 128.105.214.161:8080", but for this one it is the bridge's hashed fingerprint "626ec5e8b39dbc1d1b853529cdc80d21bf4c20e1" (which is the correct hashed fingerprint of the wisctorbridge02 bridge).

Arturo says this is happening as an effect of the data pipeline sanitization. For some reason, this one bridge is in the list of bridges to be sanitized.

As a workaround, I'm looking for this hashed fingerprint and mapping it back to the bridge's address and port in code.