What do you mean by "end-to-end encrypted"? Isn't this just a request to your service that will then go out and fetch the icon from the site, so it can't be e2e since you need to know which site to request the icon from.

Why use that term when it clearly can't be true or even seems applicable/relevant?