Are there two different database for the resolving of which country an IP Address is from?

I have "Block Authentication by Country" set to Block ALL but US. However, I still have NON-USA countries show up in my IDS Block List for Brute force by Password.

The system is working somewhat because I have lots of blocked logins due to not being on "allowed country list." But some IPs are getting on IDS Block List for incorrect password that show the country as being a NON-USA country.