Port scanning by itself is not directly harmful. It just probes your computer’s ports to see which ones are open and accessible and which services are running on said ports.

You’re fine! Your browser is very good at keeping the things websites do only inside the browser’s sandbox. It is sometimes possible for a website to break out of this sandbox but it’s very, very rare. The website may have just tried to open a pop-up ad or something that Malwarebytes didn’t like.

Tbh, as you are probably already behind a firewall of some kind (like your home router’s firewall) or even behind a NAT router, most likely the Avira warning was an unrelated false-positive since this firewall won’t allow unsolicited internet traffic to reach your device by default. Even if your device is directly connected to the internet with no firewall in-between, it’s nothing to worry about! People/bots are scanning the internet for running systems all the time for various reasons. Especially if your device has an IPv4 address (it probably does) this may even happen several times a day since there’s only about 4 billion possible addresses so it’s very feasible for people to scan the whole internet by trying all addresses. Your operating system’s built-in firewall or Avira will just drop this unsolicited traffic by default or just tell the sender there’s nobody listening if they’re very polite.

You don’t need any other antiviruses than Windows Defender, using uBlock Origin, and not clicking dodgy things. Use yt-dlp for downloading YouTube videos or anything like so