CanIt maintains an audit trail of changes made in the WUI. It can be accesss by using SQL commands to check the audit_trail table.
select * from audit_trail where table_name='domain_action' order by date DESC;
This would show all changes made in the WUI for Rules->Domains, ie. whitelisting and blacklisting.
Depending on the volume of events are, it might be preferable to limit the search by realm, stream or userid as well.
The audit trail is available in the web interface on some pages. Look for a small "Show Changes" link near the top. For example, Rules->Domains should have a "Show Changes" link, and you could probably find this entry from there.