The recommendation not to enable mod_status is rooted in the fact that, once it is loaded, it is available server-wide. When you then also allow .htaccess files (which is the default on most Apache httpd deployments), every user who can edit or create an .htaccess file can enable the status URL. Unlike most directives that can be enabled or configured from .htaccess files, the scope of the status URL is not limited to the directory path in which the .htaccess file is placed: it exposes the status of the whole server and all sites hosted there. That can be a severe security risk and information leak on a shared server.
That security risk does not need to exist. When the server is not used by many different webmasters, the server admins can, rather than relying on .htaccess files, load all directives into the static configuration in httpd.conf (and/or into snippets that get included from the sites-enabled, conf.d, etc. sub-directories). Then disable all .htaccess processing by setting AllowOverride None. That also improves performance, by the way. Then only the administrator can enable the status URL, and when proper access controls are set on that URL there is no risk in using mod_status.
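The configuration described above, as an added example that is not part of the original answer: the weak setting (.htaccess allowed to override anything) is shown commented out beside the hardened one, and mod_status is mapped only in the static configuration behind an access control. It assumes Apache httpd 2.4 syntax, a document root of /var/www, and uses the documentation range 192.0.2.0/24 as a placeholder for the administrator's network.

```apache
# Added example, not from the original answer. Assumes Apache httpd 2.4.

# Weak setting: with AllowOverride All, anyone who can write an .htaccess
# file under /var/www can map the server-status handler and expose the
# status of the whole server, not just their own directory.
#
# <Directory "/var/www">
#     AllowOverride All
# </Directory>

# Hardened: no .htaccess processing at all. Every directive lives in the
# static configuration that only the administrator can edit, and httpd no
# longer stats the directory tree for .htaccess files on each request.
<Directory "/var/www">
    AllowOverride None
    Require all granted
</Directory>

# mod_status stays loaded, but its handler is mapped only here, and the
# URL is reachable only from localhost or the administrator's network
# (192.0.2.0/24 is a placeholder; multiple Require lines are OR'd).
<IfModule mod_status.c>
    ExtendedStatus On
    <Location "/server-status">
        SetHandler server-status
        Require local
        Require ip 192.0.2.0/24
    </Location>
</IfModule>
```

After adding this to httpd.conf (or a snippet included from conf.d), run `apachectl configtest` and reload. A request for /server-status from any address outside the allowed set should return 403, while an .htaccess file dropped anywhere under /var/www is now ignored entirely.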