You're looking at StableBuild's Deleted PyPI mirror - where we index all deleted packages from the Python package registry.
http-xen was reported malicious
OSV:MAL-2024-5212 - Malicious code in http-xen (PyPI)

http-xen
1.0.0

This version was deleted from PyPI around 2024-04-19. Installing fails with:
$ pip3 install http-xen==1.0.0 ERROR: Could not find a version that satisfies the requirement http-xen==1.0.0

Install through StableBuild

You can install this package from StableBuild's PyPI snapshots from before the version was deleted:
pip3 install \ -i https://YOUR_API_KEY.pypimirror.stablebuild.com/2024-04-18/ \ http-xen==1.0.0
Sign up for StableBuild to get an API key (it's free and takes <60 seconds!)

Or, download files manually

And install manually via pip: