Small to script do a first -sS scan and then a version scan based on the results

nmap.sh

#!/bin/bash

if [ $# -ne 1 ]; then
    echo "Missing IP. Usage: $0 <IP>"
    exit
fi

out=$(sudo nmap -sS -Pn -n -T4 --min-parallelism 1000 --min-rate 5000 -p- $1)
syn=$(echo "$out" | awk '/PORT.*STATE.*SERVICE/,/Read data files/' | grep -v 'Read data files')
echo -e "Syn scan:\n$syn"

declare -a tcp=()
while IFS= read -r line; do
    port=$(echo $line | awk '{print $1}')
   [[ "$port" =~ "tcp" ]] && tcp+=("${port%%/*}")
done <<< "$syn"

tcp=$(IFS=,; echo "${tcp[*]}")
echo "Starting scan in ports: $tcp"
sudo nmap -sS -Pn -n -T4 --min-parallelism 1000 --min-rate 5000 $1 -sC -sV -p $tcp