diff --git a/install/libvips.js b/install/libvips.js
index dbe2f2d62..5f9e45841 100644
--- a/install/libvips.js
+++ b/install/libvips.js
@@ -167,7 +167,7 @@ try {
     } else {
       const url = distBaseUrl + tarFilename;
       libvips.log(`Downloading ${url}`);
-      simpleGet({ url: url, agent: agent() }, function (err, response) {
+      simpleGet({ url: url, agent: agent(libvips.log) }, function (err, response) {
         if (err) {
           fail(err);
         } else if (response.statusCode === 404) {
diff --git a/lib/agent.js b/lib/agent.js
index 6697e3a2c..25de4fafd 100644
--- a/lib/agent.js
+++ b/lib/agent.js
@@ -18,7 +18,7 @@ function env (key) {
   return process.env[key];
 }
 
-module.exports = function () {
+module.exports = function (log) {
   try {
     const proxy = new url.URL(proxies.map(env).find(is.string));
     const tunnel = proxy.protocol === 'https:'
@@ -27,6 +27,7 @@ module.exports = function () {
     const proxyAuth = proxy.username && proxy.password
       ? `${decodeURIComponent(proxy.username)}:${decodeURIComponent(proxy.password)}`
       : null;
+    log(`Via proxy ${proxy.protocol}://${proxy.hostname}:${proxy.port} ${proxyAuth ? 'with' : 'no'} credentials`);
     return tunnel({
       proxy: {
         port: Number(proxy.port),
diff --git a/test/unit/agent.js b/test/unit/agent.js
index c2419339a..caf7f7649 100644
--- a/test/unit/agent.js
+++ b/test/unit/agent.js
@@ -10,34 +10,40 @@ describe('HTTP agent', function () {
 
   it('HTTPS proxy with auth from HTTPS_PROXY', function () {
     process.env.HTTPS_PROXY = 'https://user:pass@secure:123';
-    const proxy = agent();
+    let logMsg = '';
+    const proxy = agent(msg => { logMsg = msg; });
     delete process.env.HTTPS_PROXY;
     assert.strictEqual('object', typeof proxy);
     assert.strictEqual('secure', proxy.options.proxy.host);
     assert.strictEqual(123, proxy.options.proxy.port);
     assert.strictEqual('user:pass', proxy.options.proxy.proxyAuth);
     assert.strictEqual(443, proxy.defaultPort);
+    assert.strictEqual(logMsg, 'Via proxy https:://secure:123 with credentials');
   });
 
   it('HTTPS proxy with auth from HTTPS_PROXY using credentials containing special characters', function () {
-    process.env.HTTPS_PROXY = 'https://user,:pass=@secure:123';
-    const proxy = agent();
+    process.env.HTTPS_PROXY = 'https://user,:pass=@secure:789';
+    let logMsg = '';
+    const proxy = agent(msg => { logMsg = msg; });
     delete process.env.HTTPS_PROXY;
     assert.strictEqual('object', typeof proxy);
     assert.strictEqual('secure', proxy.options.proxy.host);
-    assert.strictEqual(123, proxy.options.proxy.port);
+    assert.strictEqual(789, proxy.options.proxy.port);
     assert.strictEqual('user,:pass=', proxy.options.proxy.proxyAuth);
     assert.strictEqual(443, proxy.defaultPort);
+    assert.strictEqual(logMsg, 'Via proxy https:://secure:789 with credentials');
   });
 
   it('HTTP proxy without auth from npm_config_proxy', function () {
     process.env.npm_config_proxy = 'http://plaintext:456';
-    const proxy = agent();
+    let logMsg = '';
+    const proxy = agent(msg => { logMsg = msg; });
     delete process.env.npm_config_proxy;
     assert.strictEqual('object', typeof proxy);
     assert.strictEqual('plaintext', proxy.options.proxy.host);
     assert.strictEqual(456, proxy.options.proxy.port);
     assert.strictEqual(null, proxy.options.proxy.proxyAuth);
     assert.strictEqual(443, proxy.defaultPort);
+    assert.strictEqual(logMsg, 'Via proxy http:://plaintext:456 no credentials');
   });
 });