In the example, the 3rd party is a sub-domain name. Are sub-domains treated the same as unqualified, "second level" domain names?

https://en.m.wikipedia.org/wiki/Domain_name

when you set a cookie, by default it sets it at the sub-domain level. You can opt-into setting it at a parent sub-domain (or the root-domain) level if you want.

So for example:

a.foo.com sets cookie X (Set-Cookie: X=value;)

a.foo.com sets a cookie Y on foo.com (Set-Cookie: Y=value; domain=foo.com)

b.foo.com can read Y, but can not read X