On the TV side of things we block US IP addresses, beucase movie/TV copyrights are far more complicated in the USA than elsehwere, and we also block proxies, becuase some people were using proxies to circumvent the country filter.
Given the times of day, I would bet that it was someone from work in America tuning in to our "Night Komfort" all night movie marathon. 11PM in eastern Australia is 9AM on the US East coast this time of year. We use BeeThink to block known proxies from accessing the TV stream.
The people that were using VPNs to circumvent the country filters not only made it harder for us to detect, but their employers would also not know what they were up to, as the traffic out of the office would be encrypted, and the boss would have no clue that someone was watching an online movie broadcast. Untill we installed BeeThink to block known proxies and VPNs from the TV stream, we did get quite a bit of VPN usage during the American workday, so there were people watching online movies, and the boss would have never known what was going on, with the encrypted traffic going out of the office to the VPNs in China or Singapore. All anyone would ever know is that an heavily encrypted stream coming from China or Singapore. They would know that an encrypted stream, at 340K, was being received, and that would have been it.
One thing about BeeThink, is that I think it could catch on in more shops. BeeThink can do a lot of things that hardware firewalls cannot so. You can get updated lists of known proxies, including VPNs and "web proxies", that are harder to detect. BeeThink can even do whitelising, which you have talked about, which a hardware firewall cannot do.
With BeeThink, you just change the mode to whitelist, and add the IP ranges you want to allow access to. That is something your hardware firewalls have not learned yet. It surprises me that more shops dont use BeeThink.