
 

Reclaiming a Compromised Domain

Started by prctshplc, Oct 01, 2024, 12:57 AM

prctshplc (Topic starter)

I procured a batch of domains from a registrar, only to discover that some of them were hijacked by phishers. I managed to reclaim one of the compromised assets, but I overlooked a second one, which got flagged and subsequently blocked by security protocols.
Now, I'm stuck trying to figure out how to retrieve the domain and get it back.


Snandakeype

It's not going to be easy, and you might face some resistance from security protocols and registrars. But don't you worry, we're going to tackle this like a well-oiled phishing expedition – wait, scratch that, let's do this the ethical way.

Contact the Registrar: Reach out to the registrar where you originally procured the domain. They're your first point of contact in this recovery mission. Be prepared to provide them with your proof of ownership, such as the original purchase receipt or the EPP code. If you're lucky, they might be able to help you regain control of the domain. However, be warned that registrars can be as helpful as a chocolate teapot when it comes to dealing with compromised domains, so don't hold your breath.

ICANN's Uniform Domain Name Dispute Resolution Policy (UDRP): If the registrar isn't playing ball, it's time to bring out the big guns. ICANN's UDRP is designed to resolve disputes related to the registration of domain names. You'll need to file a complaint with an ICANN-approved dispute resolution service provider. This process can be lengthy and costly, but if you've got a solid case, it might just be your best shot at retrieving your domain.

Law Enforcement: If the phishers have caused significant harm, you might want to consider involving law enforcement. File a report with your local law enforcement agency or, if the phishers are based overseas, with INTERPOL or your country's equivalent. They might not be able to directly help you retrieve your domain, but they can certainly help put the phishers out of business.

Domain Blacklisting: Unfortunately, even if you manage to retrieve your domain, it might still be blacklisted by security protocols and browsers. To remove your domain from blacklists, you'll need to contact each blacklisting organization individually and provide them with proof that your domain is no longer compromised. This can be a time-consuming process, but it's crucial if you want your domain to be accessible again.

Reputation Management: Once you've reclaimed your domain, it's time to start rebuilding its reputation. This might involve setting up a new website, installing an SSL certificate, and ensuring that your domain is secure from further phishing attempts. You might also want to consider monitoring your domain for any signs of compromise in the future.
Retrieving a compromised domain is no walk in the park. It's a complex process that requires patience, persistence, and a good dose of luck. But don't let the phishers win – fight back, and you might just be able to salvage your domain and your reputation. Just remember, prevention is always better than cure, so next time, make sure you've got robust security measures in place to protect your domains from phishing attempts.

Seryleuts

Disavow the shady link from the domains ASAP and reach out to the blockers, pronto. Let's get this off our plate and move on.

jameswilliam723

It's evident that the situation has reached a boiling point, post-fiasco. The 'security lockdown' on the domain has been triggered, resulting in its 'removal from DNS delegation'.
It appears that some federal research institution has intervened, likely due to a perceived security threat or policy violation.

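Added example (not part of any post in this thread): a Python sketch that reads a domain's RDAP record and reports whether a hold status has taken the name out of DNS delegation and which party set it, which decides whether the registrar or the registry has to lift it. The RDAP record is constructed, the function names are hypothetical, and it assumes the block discussed above shows up as an RDAP hold status.

```python
import json

# RDAP status values (RFC 8056 mapping of EPP codes) that keep a name out of
# the zone, mapped to the party that sets them.
OFF_ZONE = {"server hold": "registry", "client hold": "registrar",
            "inactive": "nobody (no nameservers set)"}

# Constructed sample record; the domain and registrar are placeholders.
SAMPLE = json.loads("""
{"ldhName": "example.test",
 "status": ["server hold", "server transfer prohibited",
            "client transfer prohibited"],
 "nameservers": [{"ldhName": "ns1.example.test"}],
 "entities": [{"roles": ["registrar"],
   "vcardArray": ["vcard", [["version", {}, "text", "4.0"],
                            ["fn", {}, "text", "Example Registrar"]]]}]}
""")

def registrar_name(rdap):
    """Return the 'fn' of the entity holding the registrar role, or None."""
    for ent in rdap.get("entities", []):
        if "registrar" in ent.get("roles", []):
            for prop in ent.get("vcardArray", ["vcard", []])[1]:
                if prop[0] == "fn":
                    return prop[3]
    return None

def triage(rdap):
    """Summarise delegation state and who has to lift any hold."""
    statuses = [s.lower() for s in rdap.get("status", [])]
    holds = {s: OFF_ZONE[s] for s in statuses if s in OFF_ZONE}
    locks = sorted(s for s in statuses if s.endswith("prohibited"))
    if "server hold" in holds:        # set by the registry operator
        escalate = "registry, through the registrar"
    elif "client hold" in holds:      # set by the sponsoring registrar
        escalate = "registrar"
    elif "inactive" in holds:         # no hold, but nothing delegated
        escalate = "registrar (add nameservers)"
    else:
        escalate = None
    return {"domain": rdap.get("ldhName"), "delegated": not holds,
            "holds": holds, "locks": locks,
            "registrar": registrar_name(rdap), "escalate_to": escalate}

if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```

Feed it the JSON your registry's RDAP service returns for the domain; a `server hold` cannot be removed by the registrar alone, so the registrar's support ticket needs to ask them to raise it with the registry.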
