It looks like StartPage has a proxy.

Just insert the image URL on the end of https://www.startpage.com/av/proxy-image?piurl=

• The is an opt-in feature (disabled by default).
• The proxy URL pattern is configurable. It's configurable per account, so each account can specify own proxy value.
• The feature toggle control is placed under the "Extended Options" block on the account edit form (see attached screenshot):
  

Besides that there is another new toggle which enables blocking all non "API entry point"-based network requests. For example, this feature can be useful for detecting if @ProtonMail web client apps do unexpected/unintended/shady network requests. Warning: If option enabled the inlined in the emails images won't be loaded (the app displays a warning message per each blocked request).

the app displays a warning message per each blocked request

See the blocked request notification example on screenshot (the whitelisted webclient0://app.protonmail.ch value here is the in-app-only-available host on which the app hosts the static web clients publicly assembled on CI server from https://github.com/ProtonMail):

By the way @ProtonMail recently switched to loading external images via /api/images?Url=<address> API. So a similar custom feature implemented in the app doesn't make much sense anymore.