Scan a hostname endpoint to find the TLS ciphers it supports:
nmap --script ssl-enum-ciphers -p 443 $HOSTNAME