For this you need some pepper (i.e. a secret) to prevent doctoring.
The better option is an encrypted blob containing all relevant data and a timing component. Of course those thing do require effort. It makes it opaque for everyone but the server handling the redirect.
The better option is an encrypted blob containing all relevant data and a timing component. Of course those thing do require effort. It makes it opaque for everyone but the server handling the redirect.