Wireshark has a built-in filter,
tcp.analysys.flags, that will show you packets that have some kind of expert message from Wireshark;
tcp.analysis.flags is shown in the TCP section of the Packet Details pane. Under that, expand SEQ/ACK analysis then expand TCP Analysis Flags. This will tell you exactly what triggered
tcp.analysis.flags. A few examples include:
TCP makes the transmission of segments reliable via sequence number and acknowledgement. When TCP transmits a segment containing data, it puts a copy on a retransmission queue and starts a timer; when the acknowledgment for that data is received, the segment ...