The Jenkins log is filled with these entries every several seconds (each unique crumb repeats every 30 seconds) with the HTML5 Notifier Plugin enabled, running Jenkins behind a proxy:

Jan 07, 2016 11:18:00 AM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb <crumb>. Will check remaining parameters for a valid one...
Jan 07, 2016 11:18:00 AM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /jenkins/html5-notifier-plugin/list. Returning 403.

It doesn't appear any specific action is required for this to occur, other than an open session.

My Jenkins instance is configured to run behind an Apache proxy, with "Prevent Cross Site Request Forgery exploits" and "Enable proxy compatibility" enabled under global security.

A similar issue was recently resolved for the GitHub plugin: https://issues.jenkins-ci.org/browse/JENKINS-10263