The SafeBrowsing protection in Firefox downloads the entire malware/phishing database from Google in a highly compressed format, through incremental updates, and this is completely uncorrelated to what you visit.

If an URL you browse to is found as a match in that local database, then and only then is a lookup to a remote server done to check if the compressed URL was not a false positive, and if it's still up to date. This lookup isn't even of the URL you visited, but of the SHA-256 of it. This allows to verify if it was a known malware URL, but it is not possible to reverse it and obtain your URL if the hit was a false positive (due to the compression).

Firefox has some additional privacy protection here in that it will check a whole bunch of random entries from the local database whenever there is a hit, so even the party at the other end (Google) can't tell what malware URL, if any, you actually hit.

Google has added an additional, undocumented SafeBrowsing service to Chrome to check downloaded files, and that one does send the URL off to Google for scanning, but Mozilla has refused to implement this feature in Firefox until the privacy concerns can be addressed.

Note that, aside from being much better for privacy, using a local database is obviously of much higher performance than contacting a remote server for every URL.