Depending on the types of advert you're showing and how they're embedded, you might be able to do something with a content security policy (CSP):
Content-Security-Policy - HTTP | MDN[
^]
CSP Cheat Sheet[
^]
This would let you lock down your site to only load scripts / images / frames / etc. from a specified list of domains. If an advert tried to load a script from a domain that wasn't in the list, all modern browsers would block it.
But if you can't trust the company that's serving up your adverts, then you shouldn't use them.