@Sempf why on earth would you nmap a cdn? you won't see the origin ports, and even at the application layer you'd only see the proxy. there may be some L7 proxy trickery or even some TCP level magic that works, but nmap is not the right tool to test those.