The crypt'ed MD5 hashes have a special prefix which indicates that's what they are.
For the other hashes, the fact that there's no nonce or other value stored alongside them was a strong hint (although it doesn't rule out a site-wide nonce). However, I confirmed my suspicion by Googling one of the hashes: it was on a list of unsalted hashes that had been brute forced (unrelated to this, the password was fairly common).
For the other hashes, the fact that there's no nonce or other value stored alongside them was a strong hint (although it doesn't rule out a site-wide nonce). However, I confirmed my suspicion by Googling one of the hashes: it was on a list of unsalted hashes that had been brute forced (unrelated to this, the password was fairly common).