I'm unaware of any anti-malware/phishing tool that uploads every address, because it'd be far too slow (you want to know if it's malicious before you show the user anything, to avoid them having the chance to interact with it). They all have some local partial list that is used for a first match, and only if that matches do they interact with any online service.

MS don't have a publicly documented API, which makes it harder to know what's being sent (short of reverse-engineering it), but Google's never uploads actual addresses (it almost always only uploads the uppermost 32-bits of the SHA256 hash of the address, and it never uploads the full hash).