[3np]

It’s a violation if it happens without consent. If PII (which IP address counts as) is shared (for example by fetching Google Fonts from a US-based CDN) regardless of consent, that is a violation.

Many sites have a consent wall but will throw out third-party requests even if consent is not explicitly given.

If you do those requests only for logged in users who have individually consented (oh, and grandfathering in old users who did not consent will require the same new consent), that does not in itself count as a violation.

Also, explicit consent is not required for strictly necessary things. "Because this way is easier and cheaper and almost everyone else in our industry is doing it" is not sufficient reason.