That's only for cookie/XSS purposes. It still runs from the same server farm, so you can do things like this:

    $ curl -H 'Host: xss-game.appspot.com' https://www.google.com/
    <!doctype html>
    [...]
    <title>XSS game</title>

This works for all the AppSpot hostnames I tried (even my own), but not for any custom domains.